[SmartcardServices-Users] CAC-NG 10.5.8 repeatedly rejects certs

Thu Jul 15 07:18:12 PDT 2010

 Greetings,

I have to add a ³me too² to those folks who have installed the CAC-NG tokend
and find that while the keychain shows their certs, and they can set up
identity preferences to use those certs, when trying to use Safari to get to
a site, you get an error message requesting that you select a certificate.
No matter what certificate is selected, you just get the selection again.
Reading the text of the selection box, you find that it says the site has
rejected the certificate and is therefore requesting another.
So, here are the additional things that I have done which I have not seen in
any of the previous posts about this issue.

I have only 3 people who have the CAC-NG card at this time.  One of those
has a new machine which is running 10.6.  I installed the CAC-NG tokend and
her system functions (mostly) beautifully.  The 10.5.8 system exhibits the
behavior above.  I took the CAC card from the person on the 10.5.8 system to
the 10.6 system and used it there successfully, indicating that the problem
is not that there is something wrong with her certificates.  Both cards work
in the 10.6 system.  Neither card works in the 10.5.8 system.

Finally, I set the debugger as Shawn outlined in a previous post.  These are
the results.  The timestamp indicates that these results are logged at the
moment in which Safari is attempting to log into a CAC-enabled website
(https://webmail.west.nmci.navy.mil in this case).  For privacy reasons,
I¹ve replaced the actual certificate name with <CAC_Certificate>.  This
string of errors shows up in the system.log every time I try to log into a
CAC-enabled site.

Jul 14 15:43:36 mac /Applications/Safari.app/Contents/MacOS/Safari[75221]:
preferred identity: "<CAC_Certificate>" found for
"https://webmail.west.nmci.navy.mil/exchange"
Jul 14 15:43:36 mac /Applications/Safari.app/Contents/MacOS/Safari[75221]:
lookup complete; will use: "<CAC_Certificate>" for
"https://webmail.west.nmci.navy.mil/exchange"
Jul 14 15:43:37 mac securityd[22]: securityd(22,0xb0081000) malloc: ***
error for object 0x121f000: pointer being freed was not allocated\n*** set a
breakpoint in malloc_error_break to debug
Jul 14 15:43:37 mac com.apple.SecurityServer[22]: securityd(22,0xb0081000)
malloc: *** error for object 0x121f000: pointer being freed was not
allocated
Jul 14 15:43:37 mac com.apple.SecurityServer[22]: *** set a breakpoint in
malloc_error_break to debug

-- John Daly
Apple Certified Technical Coordinator
Sysadmin 474300D

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.macosforge.org/pipermail/smartcardservices-users/attachments/20100715/0551acc7/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: image/png
Size: 5993 bytes
Desc: not available
URL: <http://lists.macosforge.org/pipermail/smartcardservices-users/attachments/20100715/0551acc7/attachment-0001.png>