12/15/2021»»Wednesday

Military Cac For Mac No Client Certificate Presented

12/15/2021
    78 - Comments
Ako no client certificate presented

Introduction

  • Jun 29, 2019 Certificate Revocation Lists¶. Certificate Revocation Lists (CRLs) control which certificates are valid for a given CA. If a Certificate becomes compromised in some way, or is invalidated, it can be added to a CRL, and that CRL may be selected for use by an OpenVPN server, and then an OpenVPN client using that certificate will no longer be allowed to connect.
  • Installing DOD Certificates. When SecureAuth prompts for a CAC or PIV certificate your webserver is actually matching the client side SSL certificates with the certificates that are installed on your SecureAuth appliance. In order to check these client side certificates we need to install the root and intermediate certificates on the appliance.
  • The short version is that you're going to un-install a bunch of random certificates, install a bunch of dod certificates, install device drivers for your cac and then hope to god it works. If you have already done all of this, make sure you have no chrome or safari extensions running. Those will fuck it up.

PKard for Mac “After struggling for months to get my Mac to see my CAC card, I did it in less than 5 minutes after installing your product.' No Client Certificate Presented Error on AKO Login is a common error seen by the Army personnel. This is due to using a browser that doesn't have the required.

The steps for configuring Client side SSL (CSSL) for a SecureAuth appliance setup to validate CAC or PIV Cards

Military Cac For Mac No Client Certificate presented
  • Download root/intermediate DOD certificates.
  • Install certificates as administrator.
  • Verify installation of certificates into local computers cert store (not users)
Military Cac For Mac No Client Certificate Presented

Installing DOD Certificates

When SecureAuth prompts for a CAC or PIV certificate your webserver is actually matching the client side SSL certificates with the certificates that are installed on your SecureAuth appliance. In order to check these client side certificates we need to install the root and intermediate certificates on the appliance. If you have a specific set of root and intermediate certificates you can install them, if you do not this is the process to install the DOD root and intermediate certificates on the SecureAuth appliance.

1. Open the browser on the server and navigate tomilitarycac.com's download section HERE

Cac

2. Download'InstallRoot 3.13.1a from MilitaryCAC'


3. You might be prompted to add militarycac.com to your trusted sites to complete the download

4. Click 'Open' so that the file automatically launches


5. Right-click 'InstallRoot_v3.13.1A' and select 'Run as administrator'

6. At the security warning click 'Yes'

7. Accept the security warning if prompted

Verify the DOD Certificates were properly installed

1. Click the start menu/SecureAuth/Tools and select 'Certificates Console'

Military Cac For Mac No Client Certificate Presented Free

For

Military Cac For Mac No Client Certificate Presented Af Portal

2. Navigate to 'Trusted Root Certification Authorities' and ensure you have the DOD Root CA certificate installed

Military Cac For Mac No Client Certificate Presented Windows 10

3. Navigate to 'Intermediate Certificate Authorities' and ensure the intermediate certs are there