[Fed-Talk] Cac not being read correctly
[Fed-Talk] Cac not being read correctly
- Subject: [Fed-Talk] Cac not being read correctly
- From: "Marty Riley" <email@hidden>
- Date: Fri, 27 Mar 2009 15:39:10 +0000
- Importance: Normal
- Sensitivity: Normal
I'm having trouble reading my CAC Card accurately which was recently
updated with a NMCI e-mail address. Prior to accomplishing this, I had
no trouble at all accessing my OWA e-mail via my Macs, and am
wondering if keychain access "caches" smart card info based on a
serial number of a CAC Card.
System:
iMac and Mac Pro both running Leopard 10.5.6
Cac Card readers SCR331 flashed to 5.25 firmware version
Cac Card GEMAL TO ACCESS 64KV2
Certificates prior to the email update:
ID certificate: CA-16
Encryption: CA-15
E-mail Signature: CA-15
Certificates after the email update:
ID certificate: CA-16 (no change)
Encryption: CA-19 (changed)
E-mail Signature: CA-19 (changed)
I am able to access DoD websites that I registered at with the ID
certificate (CA-16) still, as that one didn't change. But no joy on
the OWA access which uses the DOD EMAIL signature, due in part I
think, to the CA changing. Which is unusual I think, because it's the
same station that issued my original CAC card?!
I have spent four days reading posts, cleared Safari cache, ran Onyx
for cleanups, cleared all the keychains from my list and imported them
again, and spent a whole lot of time with the smiling little face of
'finder' surfing though the computer and can't seem to find anything
(I think he's taunting me now!). I've tried everything except starting
from scratch with a new CAC card. I'm reluctant to do that since I
have so many DoD sites that I work with along with legacy e-mail
accounts (I know, I know.....)
When I insert the CAC card, it clearly shows up in my keychain access
list, but when I look at each certificate, they're the ones that were
on the card prior to the e-mail address update (CA-15), complete with
the prior e-mail address. I don't understand. I've even sent e-mails
to my personal e-mail address from work that I digitally signed, and
the certificate for the e-mail address shows up correctly (CA-19) in
my login keychain (verified)- so I don't think it's a CA Root or DOD
Email certificate problem.
Do I need to just swallow it and get a new CAC card? or can anyone
help me find the elusive cache (or whatever else) that I think is
killing me?
Sent from my Verizon Wireless BlackBerry
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden