Re: [Fed-Talk] 10.5 and CAC
Re: [Fed-Talk] 10.5 and CAC
- Subject: Re: [Fed-Talk] 10.5 and CAC
- From: "Shawn A. Geddis" <email@hidden>
- Date: Tue, 8 Jul 2008 11:36:50 -0400
On Jul 8, 2008, at 11:01 AM, Robert Kerr wrote: Prior to the 10.5 upgrade I was able to get to the CAC sites. I looked in the keychain app the CAC is no longer listed there. What am I missing? I’m using the SCR331 reader that was working prior to the upgrade. Is this reader not supported in 10.5? bob
Bob,
Mac OS X 10.5.3 had some Smart Card / Certificate regression which was addressed by both the Mac OS X 10.5.4 Update and a separate installer noted in the "Reader and/or Card...." message you will find in the archive.
After installing the separate "Smart Card Services Update v1.0", you should have complete support for the SCM SCR331 and many, many other readers.
Everyone should keep in mind that just because they one of the supported readers like the SCM SCR 331, it may have an older/ incompatible firmware which should be flashed to SCM's current 5.25 version available on their site. Yes, we all know that the firmware flashing requires a Windows OS and folks may want to ask SCM for the Firmware Update Tool to be ported to Mac OS X. :-)
As noted to others in a previous post this morning... (1) Read my recent posts in the Fed-Talk Archives with the following titles.... Starting on July 2..
[Discussion] 10.5.x/Smart Card/Safari Issues [Discussion] (1) Reader and/or Card not recognized by Mac OS X 10.5 [Discussion] (2) Card recognized, but I cannot access PKI protected Websites [Discussion] (3) Enabling Intermediate CA Certificates - SystemCACertificates
(2) Since Mac OS X does not execute any *.exe executable files, sounds like you are referring to your Windows OS installation on the Mac mini ?
All DoD required Roots & intermediates (except CA-19 & CA-20) are already included in Mac OS X 10.5. (See "Discussion] (3) Enabling Intermediate CA Certificates - SystemCACertificates" message in the archive)
(3) Installation of _additional_ Certificates would not invalidate existing cert usage. What you are seeing is the impact of the 10.5.3 regression which is addressed with Mac OS X 10.5.4 Update and the separate installer.
- Shawn _____________________________________________________ Shawn Geddis Security Consulting Engineer Apple Enterprise
|
Attachment:
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden