Re: [Fed-Talk] CAC issue with OS X
Re: [Fed-Talk] CAC issue with OS X
- Subject: Re: [Fed-Talk] CAC issue with OS X
- From: "Shawn A. Geddis" <email@hidden>
- Date: Tue, 8 Jul 2008 09:38:15 -0400
Bill,
Mac OS X 10.5.3 had some Smart Card / Certificate regression which was
addressed by both the Mac OS X 10.5.4 Update and a separate installer
noted in the "Reader and/or Card...." message you will find in the
archive.
(1) Read my recent posts in the Fed-Talk Archives with the following
titles.... Starting on July 2..
[Discussion] 10.5.x/Smart Card/Safari Issues
[Discussion] (1) Reader and/or Card not recognized by Mac OS X 10.5
[Discussion] (2) Card recognized, but I cannot access PKI protected
Websites
[Discussion] (3) Enabling Intermediate CA Certificates -
SystemCACertificates
(2) Since Mac OS X does not execute any *.exe executable files,
sounds like you are referring to your Windows OS installation on the
Mac mini ?
All DoD required Roots & intermediates (except CA-19 & CA-20) are
already included in Mac OS X 10.5.
(See the "Discussion] (3) Enabling Intermediate CA Certificates -
SystemCACertificates" message in the archive)
(3) Installation of _additional_ Certificates would not invalidate
existing cert usage.
What you are seeing is the impact of the 10.5.3 regression which is
addressed with
Mac OS X 10.5.4 Update and the separate installer.
On Jul 7, 2008, at 6:39 PM, Bill Frame wrote:
I don't know if this is a side effect of an OS X update, or
something I can fix.
The CAC was working with all of my .mil sites, including AKO.
I received a new set of root certificates, the ones contained in
the Army file "InstallRoot v2 20B.exe". After installation of the
new certs, the CAC was no longer recognized by any .mil site, and
Entourage "forgot" all of my email account passwords. The passwords
are lost until I login again, then they work normally without
reloading them, but the CAC continues to be unrecognizable by any
.mil site.
This is OS X v10.5.3 on a Mac Mini with an Intel processor.
Bill Frame
619.992.8983
- Shawn
_____________________________________________________
Shawn Geddis Security Consulting Engineer Apple Enterprise
Attachment:
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden