Re: [Fed-Talk] How to setup CAC authentication in Safari
Re: [Fed-Talk] How to setup CAC authentication in Safari
- Subject: Re: [Fed-Talk] How to setup CAC authentication in Safari
- From: Wayne Lewis <email@hidden>
- Date: Thu, 10 Jul 2008 22:12:46 -0400
I found this posting that seems to be related: http://lists.apple.com/archives/fed-talk/2007/Jan/msg00018.html
However, I don't know where in the keychain to make the id
preference? Do I make it under the CAC entry, the login entry,
where? Does anyone have the applescript that was mentioned in the
post? I definitely would not call the process of setting up/using the
smart card features of OS X intuitive!
I did try creating an ID preference under "login" in the keychain for
each of the three certificates on my CAC (one at a time). Each time,
I would open safari and go to the OWA address (https://xxxx.af.mil/exchange
) but authentication still failed and I was never prompted to enter a
pin. Normally you choose the e-mail cert for OWA.
What's needed, at least for me, is a step-by-step on how to setup OS
X, fresh out of the box (10.5 or later), for using the CAC to
access .mil websites (because it apparently doesn't work out the box,
which is how I'm trying). Some on this list may be assuming I'm using
a government system with a government installation of OS X. This is
my personal laptop, with a fresh install of OS X and all patches up to
10.5.4. Once I figure out how to make this work, I'll write the step-
by-step and share with all, but I don't think I'll get this working
without the list members help, and everyone is assuming a great deal
of experience/knowledge with OS X, which I do not have.
On a windows installation, all you need is the CAC reader, the driver
and ActivClient (or other middleware). IE then prompts for certs to
be selected. OS X apparently has the drivers for the card readers (my
certs appear in the keychain when I insert the CAC in the reader), and
supposedly the middleware is there (but hidden!).
On Jul 10, 2008, at 9:14 AM, Timothy J Miller wrote:
On Jul 9, 2008, at 9:03 PM, Wayne Lewis wrote:
I'm probably missing something very simple, but I don't know what
that might be.
You're missing an ID preference. Hit the list archives for several
recent messages with instructions. Won't solve all the issues but
it'll get OWA working in Safari.
-- Tim
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden