[SmartcardServices-Users] Continuously having to delete Microsoft Intermediate Certificate

Shawn Geddis geddis at me.com
Mon Mar 5 10:47:40 PST 2012 

Jenny,

The existence of the Microsoft Keychains is actually a reoccurring regression from the MS side.  This happened and MS fixed back in the Entourage days and when it was redone as Outlook, the old/errant code apparently made its way back into Outlook as well.

Please file this with Microsoft when you can.  

You are doing the right thing in moving all of the objects from those keychains into your own keychain(s) and deleting both the file/reference in Keychain Access.  I wish it could be as easy as create a symlink with the MS keychain name linked to your login.keychain... but alas that is not possible.

-Shawn
__________________________________________________
Shawn Geddis				  			   geddis at me.com
Security Consulting Engineer                              geddis at apple.com

MacOSForge Project Lead:                           Smart Card Services                                                      
	Web:	http://smartcardservices.macosforge.org/
	Lists:	http://lists.macosforge.org/mailman/listinfo
__________________________________________________


On Mar 5, 2012, at 12:27 PM, Jenny Matheney wrote:
> 
> I have spent a ton of time on the internet, Fed-talk, SmartcardServices and other communities over the past couple of months trying to figure this one out... And perhaps a keychain forum would be a better one to ask this question of but since Shawn seems to be the all knowing god of SmartCard/Keychain/Authentications/etc... ;-) I’m reeeeeaaaaalllllly hoping this forum has the answer.  So!  Here goes.
> 
> I am using Entourage as my mail client to connect to webmail.east.nmci.navy.mil.  I started receiving an error “unable to establish a secure connection to <servername> because the root certificate is not installed.”.  Then every time I would receive an email from any .mil account I would get this pop-up that said verifying certificates that would hang and then of course report back there is a security problem.  Click on details and get a red X “You do not trust the digital ID”.  I followed every line of advice I could find with the only solution that worked being to delete my Microsoft Intermediate Certificate.  This works for a little while but then an email will come in that causes this problem to reappear.  And off I go back to my Username>Library>Keychains> to drag the Microsoft Intermediate Certificate to the trash again.  I’m sure I’m not doing myself any favors by continuously deleting this either.... There has to be a more elegant solution out there... It’s hugely annoying in Entourage but causes problems when I OWA in properly using Safari or FireFox as well.
> 
> Is there a method for identifying the offending keychain and deleting/blocking it from ever appearing again?  Help?
> 
> I hope you guys have an answer for me and thanks for your time.
> 
> Jenny
> ~KCCO







-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.macosforge.org/pipermail/smartcardservices-users/attachments/20120305/79e2b764/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4360 bytes
Desc: not available
URL: <http://lists.macosforge.org/pipermail/smartcardservices-users/attachments/20120305/79e2b764/attachment.bin>

More information about the SmartcardServices-Users mailing list