Re: [Fed-Talk] Firefox & CAC reader
Re: [Fed-Talk] Firefox & CAC reader
- Subject: Re: [Fed-Talk] Firefox & CAC reader
- From: "Shawn A. Geddis" <email@hidden>
- Date: Tue, 11 Mar 2008 00:15:52 -0700
From: Eric Glass <email@hidden>
Does anyone have their CAC reader working w/ Firefox in Leopard?
Eric,
FireFox configuration is the same as it was for 10.3 and 10.4.
The instructions that Duane referenced:
http://handle.dtic.mil/100.2/ADA445103
which is actually the NPS "CAC on Mac" document.... is not only
somewhat outdated, it is largely wrong.
I would suggest you refer to the original Smart Card Setup and Admin
Guide I wrote:
http://idisk.mac.com/geddis-Public/SmartCards/Admin_Guides/10.3.x/?view=web
It walks you through configuring for PKCS#11 applications....
"5) Setting Up Signed & Encrypted Email (S/MIME)"
PKCS#11 was the only method available on 10.3.x and is what FireFox
utilizes as well. You will want to look at pages 11-16 for this...
Troubleshooting starting on page 63 will be another area of interest
to you and others. Specifically, 63-64 speaks of flashing the older
readers (and how to identify the reader info) along with running
pcsctest for very low-level dianostics (pg 64)... and finally "Adding
ATR values to SmartCardServices" on page 67 to add the ATR value from
your new card to the PKCS#11 bundle for CAC.
As I have noted previously, these types of requirements for using
PKCS#11 applications are some of the driving factors to enhancing and
integrating the Smart Card Services into Mac OS X's credential
environment - Keychains.
- Shawn
_____________________________________________________
Shawn Geddis Security Consulting Engineer Apple Enterprise
Attachment:
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden