Re: [Fed-Talk] Problems with Keychain/AF WebMail/CAC
Re: [Fed-Talk] Problems with Keychain/AF WebMail/CAC
- Subject: Re: [Fed-Talk] Problems with Keychain/AF WebMail/CAC
- From: Mike Jackson <email@hidden>
- Date: Wed, 30 May 2007 15:10:15 -0400
On May 30, 2007, at 2:03 PM, Timothy J. Miller wrote:
On May 30, 2007, at 12:50 PM, Mike Jackson wrote:
I actually tried an intel mini I have on my desk and I get all the
same issues. I have a PPC mini at home that I may give a try to
later tonight. At least I know the OWA is still active and hasn't
been shutoff (which is a rumor that I had heard a few weeks ago).
Try launching FF, opening the Security Devices dialog (under
Preferences | Advanced | Encryption), selecting the PKCS#11 module
and *then* inserting the card. You should see the card detected.
If that doesn't do anything, try re-registering the CAC with the
CAC pcsc card driver:
sudo pcsctool
Then try the above again.
Do you know if I still have to copy certs from a windows machine
onto my local mac? I think 10.4.9 has all the certs necessary but
I am not sure.
You may need the DoD Root CA 2 in X509Anchors and the 11-18 CAs.
Firefox has its own cert store, so you'll need to load *all* the
DoD CAs (unless you're using the DoD Configuration add-on, which
does this for you).
In re: Safari and OWA--check with your CSAs and tell them you need
to run LEAP again (or you want to know where the local LEAP website
is). When you run LEAP, select the ID cert rather than the email
cert when authenticating to the LEAP website. Safari *should* work
with OWA after that.
Note that you'll also need to run LEAP when you get a new card.
-- Tim
Thanks for the help.. but none of that worked to let me access OWA. I
did the sudo pcsctool and chose the smartCardBundle as I have an SCM
331 card reader and it seemed like the one to select.
I will have to drive on base and put in a trouble ticket to run LEAP
again. Do I have to use my machine to do to the LEAP website? If so
we have a problem as my machine is not allowed on the internal NIPR
Net. Kinda a Catch-22 at this point.
Also I noticed that I can not find any of the DoD CAs on my machine
in the KeyChain.app. I reimported the X509 anchors and nothing showed
up. I wonder if in all the tinkering I have done I have somehow
deleted them..
How would I get them Back? I am going to reapply the 10.4.9 combo
updater and see if by chance that will straighten any of this out.
Any other suggestions (beside a clean reinstall - which I am close
to) are welcome.
--
Mike Jackson Senior Research Engineer
Innovative Management & Technology Services
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden