Re: [Fed-Talk] export CAC certificate(s) on Big Sur?
Re: [Fed-Talk] export CAC certificate(s) on Big Sur?
- Subject: Re: [Fed-Talk] export CAC certificate(s) on Big Sur?
- From: William Cerniuk via Fed-talk <email@hidden>
- Date: Thu, 28 Jan 2021 13:38:25 -0500
Leveraging Uri’s comment, I have found the app to be rather nice. I have not
exercised it enough to determine if it is a GUI app or a real app; but in light
duty, the ragged edges of a typical GUI app has not shown. (Is a good thing).
--
V/R,
Wm. Cerniuk
iPhone/FaceTime/iMessage/SMS Text: 703.505.0201
> On 28-Jan-2021, at 13:23, Blumenthal, Uri - 0553 - MITLL via Fed-talk
> <email@hidden> wrote:
>
> If you want GUI – search through the Apple App Store and get the app “Smart
> Card Utility”. It does what you need. You can test-drive it for almost a
> year, then the purchase cost is $9.99. I just bought it after my trial
> expired, because I liked it.
>
> Otherwise – do what Daniel suggested
>
> To export your certs, you can open Terminal.app and run the following:
>
> security export-smartcard -e ~/Desktop/
>
> This will save a .pem file for each certificate and public key to your
> Desktop. They will be named something like:
> Certificate for PIV Authentication (LASTNAME.FIRSTNAME.EDIPI).pem
> Certificate for Digital Signature (LASTNAME.FIRSTNAME.EDIPI).pem
> Certificate for Key Management (LASTNAME.FIRSTNAME.EDIPI).pem
> Public Key - Certificate for PIV Authentication (LASTNAME.FIRSTNAME.EDIPI).pem
> Public Key - Certificate for Digital Signature (LASTNAME.FIRSTNAME.EDIPI).pem
> Public Key - Certificate for Key Management (LASTNAME.FIRSTNAME.EDIPI).pem
>
>
> Or what Ken suggested
>
> If you really need to upload the whole certificate, well, you can find it
> under About This Mac -> System Reporter -> Software -> SmartCards.
> All of the certificates are displayed in PEM format and you can
> cut & paste them from there. I believe you can also use the "security"
> command to dump those certificates.
>
> If you have OpenSC installed, uou can from the Terminal window
>
> pkcs15-tool --read-certificate 01
>
> for PIV Auth certificate (cut-n-paste the output, or redirect to a file).
> --
> Regards,
> Uri
>
> There are two ways to design a system. One is to make is so simple there are
> obviously no deficiencies.
> The other is to make it so complex there are no obvious deficiencies.
>
> - C. A. R. Hoare
>
>
> From: Jeff Haferman via Fed-talk <email@hidden
> <mailto:email@hidden>>
> Reply-To: Jeff Haferman <email@hidden
> <mailto:email@hidden>>
> Date: Thursday, January 28, 2021 at 12:45
> To: "email@hidden <mailto:email@hidden>"
> <email@hidden <mailto:email@hidden>>
> Subject: [Fed-Talk] export CAC certificate(s) on Big Sur?
>
>
> I need to register my CAC in order to access a DoD site
> (in this case https://piee.eb.mil/piee-landing/
> <https://piee.eb.mil/piee-landing/>)
>
> Of course the instructions I received assumed an underlying Windows OS (use
> Active Client, Internet Explorer, or Edge).
>
> There is one section that says I can do it on a Chrome Browser, but Chrome
> ends up opening Keychain Access. When a colleague (on Catalina) does this, he
> can see his CAC in Keychain and export his certificates.
>
> On Big Sur, I don't see my CAC certificates. I'm assuming the cause is Big
> Sur, but I could be wrong.
>
> Should I be able to see my CAC certificates in Keychain Access on Big Sur? Or
> do I need to find a Windows machine?
> _______________________________________________
> Do not post admin requests to the list. They will be ignored.
> Fed-talk mailing list (email@hidden
> <mailto:email@hidden>)
> Help/Unsubscribe/Update your Subscription:
>
> This email sent to email@hidden <mailto:email@hidden>
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden