[SmartcardServices-Users] New CAC problems

Evans, Paul CIV NAVAIR Bldg 1463 paul.evans1 at navy.mil
Mon Jan 25 11:06:01 PST 2010

I don't have AFC running.  Checked the tokend directory and all I have are the following.
I tried reinstalling both under my account and as root and both said the install was successful.
Any thoughts?


From: Shawn A. Geddis [mailto:geddis at mac.com]
Sent: Mon 1/25/2010 12:25 PM
To: Evans, Paul CIV NAVAIR Bldg 1463
Cc: smartcardservices-users at lists.macosforge.org
Subject: Re: [SmartcardServices-Users] New CAC problems

On Jan 25, 2010, at 11:33 AM, Evans, Paul CIV NAVAIR Bldg 1463 wrote:

	I just received a new CAC today and I'm having issues with it on my MacBook Pro running 10.5.8.  The new card is apparently the dual applet type (CAC and PIV).  I found a post  on the fed-talk list from Shawn Geddis back in November pointing to the beta tokend and installed it but it still doesn't work.  The card seems to be recognized by the keychain app but when I click on it it doesn't show any certs or other information.  When I try to unlock it, it won't accept the PIN.  Are there any work-arounds?


The CAC-NG Tokend was indeed posted here for Mac OS X 10.5.x - Leopard:

Main Project Page Posting: http://smartcardservices.macosforge.org/
Installers Page: http://smartcardservices.macosforge.org/trac/wiki/installers

This installer adds another Tokend "CAC-NG" to your Tokend directory.

Since you indicate that:

	The card seems to be recognized by the keychain app but when I click on it it doesn't show any certs or other information. 

This indicates that the card is being picked up by the original CAC Tokend and not the CAC-NG.  Is it possible that you have Thursby's ADmitMac for CAC (AFC) installed ?  If so, be aware that AFC has their version of the CAC tokend embedded in their software - not exactly ideal, but they took this approach to incorporate PKINIT in their earlier releases.  If you use AFC then Thursby will need to update their software for you.

If you have never had AFC installed on this particular machine then we would need to look further at the current issues you might have preventing use of the CAC-NG.

Make sure that the tokend is indeed installed properly....

	$ ls -al /System/Library/Security/tokend/

reply to list with what you have.


Shawn Geddis       geddis at mac.com
Security Consulting Engineer

MacOSForge Project Lead:                           Smart Card Services                                                                 
Web: http://smartcardservices.macosforge.org/
Lists: http://lists.macosforge.org/mailman/listinfo

More information about the SmartcardServices-Users mailing list