Author Topic: CAC stopped working  (Read 28 times)

Offline Clint Barton

  • Newbie
  • *
  • Posts: 1
  • Kudos +0/-0
CAC stopped working
« on: June 11, 2018, 07:18:46 PM »

I had a user complain that her CAC stopped working. She has a MacBook Pro with 10.7.5 and PKard 1.2 Sites were refusing her certificates as "unknown". I was able to log in to my profile and use my CAC. So, my first question is, how could I completely clear out any and all caches, stored credentials, state, etc for a user?Second, I assumed that the certificate errors were because her system wasn't trusting DoD certificates. I keep hearing that OS X "doesn't need" the DoD Intermediate CA certs, and I know this stuff "just works" on a lot of Macs, but I just don't see how that's possible. So I used the instructions to add the DoD certs (those steps worked on my Lion iMac), but they just wouldn't persist on her system... when I close Keychain Access and reopen it, SystemCACertificates is gone again. I realize this isn't a PKard issue, but I'm hoping someone can point me in the right direction here.Lastly... I had someone else helping me with this (I'm a UNIX/Linux guy, not a Mac guy!), and he uninstalled PKard and installed OpenSC. We were OK with this because of the PKard bug that prevents preference panes from being unlocked (any word on when that'll be addressed?) This worked for him, but not for my poor borked-up user, so I created her a new profile, and she was then able to access CAC-enabled web sites, but at least one asked for her CAC certificate several times. I remember something about setting caching under Windows. Again, probably not a PKard issue, but maybe related.

Please help.

I did not find the right solution from the internet.

Video production quote