• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
Re: [Fed-Talk] export CAC certificate(s) on Big Sur?
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Fed-Talk] export CAC certificate(s) on Big Sur?

  • Subject: Re: [Fed-Talk] export CAC certificate(s) on Big Sur?
  • From: "Blumenthal, Uri - 0553 - MITLL via Fed-talk" <email@hidden>
  • Date: Thu, 28 Jan 2021 18:23:58 +0000
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=ll.mit.edu; dmarc=pass action=none header.from=ll.mit.edu; dkim=pass header.d=ll.mit.edu; arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector5401; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=LnXvIRdBywFv736oIe+c4iBcWdyf2ZRj/DeFLNlfn3g=; b=Y1fFsaj2uVRg9g95fNT+NbXKnLm4pM81MYjpAiPH+bhMaxe/c1OCn2o3gB5GLGuMLQO5LA7KqFhV2qnCW0AoXm0Gq8x99DDVgKK3grKXhyCsZMErWsDkMXV/vfru1NGDw6y21HM680VMLbGTBga4a5U3Od6e5hGIAiA2z1rglyE4OVZSOnMXr3fltA6b0qWwZbiowrjUpCXtljjAkEESCykzTqUJq5k56RROtezxkXn0ijn1znmMlrIzPMHs+Q0tcDjYKafnmeXDUq2+tNIuNiNHZGF1Qj7vXAnpiLmQab2v23S61wz7/Ft7o/1WDvwC7ohPktINYyWkf24huKLvzQ==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector5401; d=microsoft.com; cv=none; b=me5Cn2b7nKKhb+w8X2iQ1DkI72j5ALHyQwjBHlujUpm3vmHWsb+QcKDlmbjlemIX7Db4nLDojvePZEIzWz3e+vmImKjuijr7BxQxc2U3GnOzGRKT7RTSNF8SIhfqa1g987eJ0UjwzpmI3qn0txOToAEmXjxnofMPfdi+3uZA7nGdsKQU5RKivh9UKiN4ObK79abztC/drhYh4leDllt+BX6U7cOb7+rhs8sLaCgGRcfZjiIZDMnOjGglLHvyC674G+Zg3lpku3z6aZjsybFON/GNQIxE8/EdtkocG2rg8DDpvfcLzruD4o9RxrCVWVy1DmARcCuxWy5WA/eEu3obTg==
  • Thread-topic: [Fed-Talk] export CAC certificate(s) on Big Sur?
If you want GUI – search through the Apple App Store and get the app “Smart
Card Utility”. It does what you need. You can test-drive it for almost a year,
then the purchase cost is $9.99. I just bought it after my trial expired,
because I liked it.



Otherwise – do what Daniel suggested



To export your certs, you can open Terminal.app and run the following:



security export-smartcard -e ~/Desktop/



This will save a .pem file for each certificate and public key to your Desktop.
 They will be named something like:

Certificate for PIV Authentication (LASTNAME.FIRSTNAME.EDIPI).pem

Certificate for Digital Signature (LASTNAME.FIRSTNAME.EDIPI).pem

Certificate for Key Management (LASTNAME.FIRSTNAME.EDIPI).pem

Public Key - Certificate for PIV Authentication (LASTNAME.FIRSTNAME.EDIPI).pem

Public Key - Certificate for Digital Signature (LASTNAME.FIRSTNAME.EDIPI).pem

Public Key - Certificate for Key Management (LASTNAME.FIRSTNAME.EDIPI).pem





Or what Ken suggested



If you really need to upload the whole certificate, well, you can find it

under About This Mac -> System Reporter -> Software -> SmartCards.

All of the certificates are displayed in PEM format and you can

cut & paste them from there.  I believe you can also use the "security"

command to dump those certificates.



If you have OpenSC installed, uou can from the Terminal window



pkcs15-tool --read-certificate 01



for PIV Auth certificate (cut-n-paste the output, or redirect to a file).

--

Regards,

Uri



There are two ways to design a system. One is to make is so simple there are
obviously no deficiencies.

The other is to make it so complex there are no obvious deficiencies.


                                                     -  C. A. R. Hoare





From: Jeff Haferman via Fed-talk <email@hidden>
Reply-To: Jeff Haferman <email@hidden>
Date: Thursday, January 28, 2021 at 12:45
To: "email@hidden" <email@hidden>
Subject: [Fed-Talk] export CAC certificate(s) on Big Sur?




I need to register my CAC in order to access a DoD site
(in this case https://piee.eb.mil/piee-landing/)

Of course the instructions I received assumed an underlying Windows OS (use
Active Client, Internet Explorer, or Edge).

There is one section that says I can do it on a Chrome Browser, but Chrome ends
up opening Keychain Access. When a colleague (on Catalina) does this, he can
see his CAC in Keychain and export his certificates.

On Big Sur, I don't see my CAC certificates. I'm assuming the cause is Big Sur,
but I could be wrong.

Should I be able to see my CAC certificates in Keychain Access on Big Sur? Or
do I need to find a Windows machine?

Attachment: smime.p7s
Description: S/MIME cryptographic signature

 _______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:

This email sent to email@hidden
  • Follow-Ups:
    • Re: [Fed-Talk] export CAC certificate(s) on Big Sur?
      • From: William Cerniuk via Fed-talk <email@hidden>
    • Re: [Fed-Talk] [EXTERNAL] Re: export CAC certificate(s) on Big Sur?
      • From: "Golbig, Allen M. \(GRC-V000\)\[Peerless Technologies Corp.\] via Fed-talk" <email@hidden>
References: 
 >[Fed-Talk] export CAC certificate(s) on Big Sur? (From: Jeff Haferman via Fed-talk <email@hidden>)

  • Prev by Date: Re: [Fed-Talk] export CAC certificate(s) on Big Sur?
  • Next by Date: Re: [Fed-Talk] [EXTERNAL] Re: export CAC certificate(s) on Big Sur?
  • Previous by thread: Re: [Fed-Talk] export CAC certificate(s) on Big Sur?
  • Next by thread: Re: [Fed-Talk] [EXTERNAL] Re: export CAC certificate(s) on Big Sur?
  • Index(es):
    • Date
    • Thread