RE: [Fed-Talk] JITC CAC card gets " An untrusted certificate authority was detected while processing the smart card certificate used for authentication" login error...
RE: [Fed-Talk] JITC CAC card gets " An untrusted certificate authority was detected while processing the smart card certificate used for authentication" login error...
- Subject: RE: [Fed-Talk] JITC CAC card gets " An untrusted certificate authority was detected while processing the smart card certificate used for authentication" login error...
- From: "Miller, Timothy J." <email@hidden>
- Date: Tue, 6 Apr 2010 16:33:40 -0400
- Acceptlanguage: en-US
- Thread-topic: [Fed-Talk] JITC CAC card gets " An untrusted certificate authority was detected while processing the smart card certificate used for authentication" login error...
That specific message only appears on Vista when the *DC* doesn't trust the root CA the logon certificate chains to, or the DC doesn't trust the issuer the chain passes through. In this case, that's the JITC root CA or OM 20 or OM Email 20. Check trust on the DC, fix it, and continue. :)
-- Tim
>-----Original Message-----
>From: fed-talk-bounces+tmiller=email@hidden [mailto:fed-
>talk-bounces+tmiller=email@hidden] On Behalf Of Paul Kwan
>Sent: Tuesday, April 06, 2010 8:18 AM
>To: Apple FED-TALK
>Cc: Louie Boczek; Keith Moreau; Paul Moore; David McNeely
>Subject: [Fed-Talk] JITC CAC card gets " An untrusted certificate
>authority was detected while processing the smart card certificate used
>for authentication" login error...
>
>Hi All,
>
> I has test JITC CAC card that worked on Mac and Windows workstation
>since May last year. Now I got the following error when trying to login
>again:
>
> 1) From the Windows login screen, it pops up this error message:
>
>The system could not log you on. An untrusted certificate authority was
>detected while processing the smart card certificate used for
>authentication
>
> 2) On the Mac, secure.log shows similar error message complaining on
>"An untrusted CA..."
>
> The JITC CAC card is valid until next year. And the DoD certs on AD
>are also valid:
>
> 2.1) "DOD OM CA-20": Valid from 8/3/2007 to 8/1/2013
> 2.2) "DOD OM EMAIL CA-20": Valid from 8/2/2007 to 4/1/2013
> 2.3) "DoD JITC Root CA 2": Valid from 7/14/2005 to 7/2/2030
>
> 3) I can access and download the CRL files without any problem:
>
> 3.1) http://crl.nit.disa.mil/getcrl?DoD JITC Root CA 2
> 3.2) http://crl.nit.disa.mil/getcrl?DOD OM CA-20
> 3.3) http://crl.nit.disa.mil/getcrl?DOD OM EMAIL CA-20
>
> Does anybody out there see the similar problem? How can I fix this
>so that my test JITC CAC card works again? Thanks for the help in
>advance.
>
>PSK
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden