Hello Tim, This is a full-on PIV card. I feel like I am so close!
Thanks - Ken --- "Timothy J. Miller" <[EMAIL PROTECTED]> wrote: > Is this a full-on PIV card, or a DoD > PIV-transitional? If it's > PIV-transitional, then functionally it can still be > used as a CAC as it > still has the CAC applets. You may need to register > the ATR with the > commonAccessCard.bundle via pscstool. > > -- Tim > > Kenneth Carrera wrote: > > Douglas, > > > > Thank you very much for the response. I really > appreciate it. > > > > I tried using the opensc-tool, piv-tool, and > pkcs15-tool. From those, I can > > bring up the card ATR so I know my card is being > recognized, but I cannot > > successfully run any of the other commands. Did > you do anything special to your > > opensc.conf file? > > > > Also, are you able to perform smart card login to > your MAC using OpenSC? > > > > Thank you again for your help! Ken > > > > > > > > ----- Original Message ---- > > From: Douglas E. Engert <[EMAIL PROTECTED]> > > To: Kenneth Carrera <[EMAIL PROTECTED]> > > Cc: [EMAIL PROTECTED]; > opensc-devel@lists.opensc-project.org > > Sent: Friday, March 2, 2007 4:27:47 PM > > Subject: Re: [opensc-devel] Using PIV Card to > Authenticate to MAC ( Problems ) > > > > Kenneth Carrera wrote: > > > Hello all: > > > > > > I am trying to configure my MAC to accept a PIV > Card. > > > I have installed OpenSC (SCA for MAC) and can > now read > > > my smart card ATR. My keychain can recognize > when the > > > card is inserted. > > > > > > However, I cannot seem to access the data or > the > > > certificates on the card. I made sure to > configure my > > > Opensc.config file to work with the new PIV > card ( > > > Oberthur ). Is there anything else I can do to > try to > > > get the card to work with MAC? Thank you in > advance > > > for any help offered! > > > > How are you trying to access the data on the card? > > > > I am assuming the card has at least a certificate > and > > key, either a test one from Oberthur, or issued by > > whomever gave you the card. > > > > You can start by using the > /Library/OpenSC/opensc-tool > > -l and -a options is a terminal window. > > > > Then ./pkcs15-tool -c should show that you have a > certificate. > > (It may not really be there.) > > > > ./pkcs15-tool -r 1 > > > > should read the certificate and show it in PEM > format. > > > > If you bring up the Keychain utility and hit the > "show Keychains" > > button in the lower left, its should show all your > keychains. > > The PIV card would be listed as PIV_II, and the > main window should > > show you have an Auth key, and a certifcate. (You > may have > > other certs and keys as well There can be 4. In my > tests I only > > write out the auth cert to the card. > > > > The one other issue is if the certificate is > compressed. > > Code has been sent to the devel list to handle > this, but is > > has not been added to the distribution. I don't > have a card > > with a compressed cert, so can not test it. If you > suspect > > that the cert is compressed, we can talk about > that too. > > > > Safari should be able to use this to some web > site, if the > > site trusts the CA that signed your certifcate. > > > > > > > > > > Ken > > > > > > > > > > > > > > > ____________________________________________________________________________________ > > > Need a quick answer? Get one in minutes from > people who know. > > > Ask your question on www.Answers.yahoo.com > <http://www.answers.yahoo.com/> > > > _______________________________________________ > > > opensc-devel mailing list > > > opensc-devel@lists.opensc-project.org > > > > http://www.opensc-project.org/mailman/listinfo/opensc-devel > > > > > > > > > > -- > > > > Douglas E. Engert <[EMAIL PROTECTED]> > > Argonne National Laboratory > > 9700 South Cass Avenue > > Argonne, Illinois 60439 > > (630) 252-5444 > > > > > > > -------------------------------------------------------------------------------- > > Expecting? Get great news right away with email > Auto-Check. > > > <http://us.rd.yahoo.com/evt=49982/*http://advision.webevents.yahoo.com/mailbeta/newmail_tools.html> > > Try the Yahoo! Mail Beta. > > > <http://us.rd.yahoo.com/evt=49982/*http://advision.webevents.yahoo.com/mailbeta/newmail_tools.html> > > > > > > > ------------------------------------------------------------------------ > > > > _______________________________________________ > > opensc-user mailing list > > [EMAIL PROTECTED] > > > http://www.opensc-project.org/mailman/listinfo/opensc-user > > ____________________________________________________________________________________ Never Miss an Email Stay connected with Yahoo! Mail on your mobile. Get started! http://mobile.yahoo.com/services?promote=mail _______________________________________________ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
