Search MilitaryCAC.com: Site Map Please this website with your friends and colleagues

The Definitive Source for Everything CAC   CAC (Common Access Card) help for your Personal Macintosh Computer

Be notified of page updates It's private Powered by: ChangeDetection Verified and secure at:  https://MilitaryCAC.com

APPLE MACINTOSH COMPUTER SUPPORT PAGE specifically for the OBERTHUR family of ID cards:

Oberthur ID One 128 v5.5 Dual, Oberthur ID One V5.2, and Oberthur ID One V5.2a Dual

If your CAC is the Gemalto Top DL GX4 144, please try this first

This option works [most of the time] on these 3 versions of Mac OS X

Lion	Snow Leopard	Leopard
10.7.x	10.6.x	10.5.x

Download / Save this page as a PDF

 OpenSC provides a set of libraries and utilities to work with smart cards.  Its main focus is on cards that support cryptographic operations, and facilitate their use in security applications such as authentication, mail encryption and digital signatures

http://www.opensc-project.org/opensc/wiki/WikiStart

Scope

The goal of the OpenSC installer is to integrate with the platform as closely as possible and to provide support for PKCS#11 and native CDSA / Keychain applications on Mac OS X 10.5.x and newer.

(Information on the program)

Download for your version of Mac OS X:

-----------------------------------------------------------

Lion (10.7.x) OpenSC installer from:

MilitaryCAC.com (ZIP)(updated by Capt Andresky - USAF) 

------------------------------------------------------------

Snow Leopard (10.6.x) OpenSC installer from:

MilitaryCAC.com (ZIP)(updated by Capt Andresky - USAF) 

OpenSC-project.org (currently has an issue with Lion - use MilitaryCAC.com link above for Lion)

-----------------------------------------------------------

Leopard (10.5.x) OpenSC installer from:

OpenSC-project.org

MilitaryCAC.com (DMG)

MilitaryCAC.com (ZIP)

Insert your CAC (ID card) into your CAC Reader after installing the program above.

Verify your CAC is being read by looking in the Keychain section.  You "should" see something like "PIV_II" under Keychains.  Here is how to get to Keychain Access (if you are unsure where it is).

If you had a Gemalto CAC, you would see something like: CAC...###-### rather than PIV_II

NOTE:  Some websites will automatically add themselves to the keychain when you visit the site (like 10.6.x - Snow Leopard), others you will have to add manually (like we used to do with 10.5.x - Leopard). 

NOTE:  I recommend going to the CAC website and see if it let's you in.  If it does not, you will need to follow the instructions below and manually add URLs to your Keychain.  In my test, OWA added itself, but AKO did not.

Once you do this, you "should be able" to go to your CAC enabled websites (just like 10.6.x - Snow Leopard) (a restart "may" be needed).

IF your CAC enabled website did not work automatically, follow these 5 steps.

Step 1: Click: Go, Utilities, double click Keychain Access. 

NOTE:  If you don't see Go, click the finder icon  in your taskbar.  Then:

10.5.x - Leopard:             Click Applications (under Places), Utilities, Keychain Access

10.6.x - Snow Leopard:  Click Applications (under Places), Utilities, Keychain Access

10.7.x - Lion:                    Click Applications, Utilities, Keychain Access.app 

Step 2:  In the upper left portion of the Keychain Access window, under "Keychains" your CAC may show up as(PIV_II), click it.  In the right side you will see the certificates that are on your CAC.  (If your CAC does not appear, remove it from the reader, unplug the CAC Reader, quit, and re-open Keychain Access, plug in the Card Reader, and insert your CAC)  

NOTE:  Do NOT Double Click the "Padlock" icon under Keychain Access.  As it will NOT unlock your card (like it does with the Gemalto brand CACs), In fact, it will BLOCK it (if you type anything in 3 times).

Step 3: Select the desired certificate, which will show as:  LASTNAME.FIRSTNAME.MIDDLENAME.NUMBERS on the right side of the screen.  Right Click your mouse and select "New Identity Preference"  If you don't have a two button mouse, hold the <ctrl> key and click your mouse button to get the "New Identity Preference" option. 

NOTE:  See Step 4 for a listing of URL / websites to add and to know which certificate to use for your specific application.

.

NOTE:  You should see 3 or 4 certificates, if you see less than 3, you will need a new CAC.

Step 4: Enter the URL / website (from the links here) for the website you wish to access using your CAC, select the appropriate certificate and click “Add”:  

Once added in, it will look something like this under the Login section (minus the black rectangle)

Step 5: Quit Keychain Access (and Applications (if it is still open)), remove your CAC from the reader, and re-insert it.  Open Safari and begin navigating to your CAC enabled website(s).

If the above ideas did not work for you, your only option left is to purchase, install, and use

PKard for Mac

PKard is the only sure known option (with support) of your Oberthur ID One 128 v5.5 Dual, or V5.2a Dual CAC.

Purchase it from Thursby Software or TX Systems

PKard demo

You may also take the risk of using other [no support] (open source) CACkey, or Charismathics Smart Security Interface (CSSI-PIV) programs.

If you still have problems, contact us.