How To Set Up Cac Card Reader On Windows 10

Please select a browser below to access instructions for configuring your browser to apply the certificates on your CAC.

IE and Chrome

First check whether your certificates are already available to your browser.

For Cyberspace Explorer 8.0 and to a higher place:

1. Navigate to Tools > Internet Options > Content and click Certificates.



2. On the Personal tab, review the list of certificates to determine if your CAC certificates are in the listing. The certificates on your CAC will be issued by a DoD CA.
3. If the certificates appear in the list, you lot are finished. If the certificates do non appear in the listing, please meet the note below.

---

For Google Chrome:

1. Navigate to Tools > Options > Under the Hood and click Manage Certificates in the HTTPS/SSL section.



2. On the Personal tab, review the list of certificates to determine if your CAC certificates are in the listing. The certificates on your CAC will exist issued by a DoD CA.
3. If the certificates announced in the listing, you are finished. If the certificates exercise not appear in the list, please see the note below.

Notation: If your certificates are non in the list and you lot're using ActivClient, please make sure information technology is installed correctly. If your certificates are non in the list and you are using other middleware, you lot can contact your CC/South/A for more information on the middleware requirements for your system. You can find their contact information on our Contact The states tab.

Firefox

Below are complete instructions for using Firefox with your CAC. Y'all may also download these instructions.

Install Certificates from InstallRoot

1. Download and install the InstallRoot tool following the instructions in the InstallRoot User Guide or watch this video to larn how:
2. Open the InstallRoot tool and select Firefox/Mozilla/Netscape from the Select Trust Store picklist at the bottom of the window.
3. Ensure but the peak Install DoD NIPRNET Certificates box is checked.



4. Click the Install button and wait for the installation to complete. Please wait until y'all encounter a confirmation dialog indicating the tool is finished.

---

Using Common Access Card (CAC) certificates in Firefox

These instructions volition enable ActivIdentity'southward ActivClient software to work within Firefox. Before proceeding, try to ensure the latest version of ActivClient is installed past going to the ActivClient website to check the latest version. Before installing the latest version, delight uninstall any previous versions of ActivClient.

Equally of version six.2, ActivClient by default configures Firefox to accept the CAC certificates without any boosted configuration. You may use the post-obit instructions to verify that it has been installed properly. If using an older version of ActivClient, these instructions volition assist with proper configuration.

1. Open Firefox
2. Click on Tools > Options in the carte du jour bar.



3. In the Options window, get to Advanced > Encryption > Security Devices.



4. In the new window, click on Load.



5. Enter "ActivClient(CAC)" for the Module Name.

   Click Browse to the right of the Module Filename field. Browse to the location of the ActivClient PKCS11 library, acpkcs211.dll. This is typically located at C:\Program Files (x86)\ActivIdentity\ActivClient\acpkcs211.dll in ActivClient 6.2, and C:\Windows\system32\acpkcs201-ns.dll in ActivClient vi.ane and earlier.

   Click OK, and and so OK once more in the confirmation window.



7. The confirmation bulletin volition show that the security device (CAC) was loaded. CAC certificates can now be used with the browser. Click OK to close the window.



---

Ensure the Online Certificate Status Protocol (OCSP) is Performing Revocation Checking

With any versions of ActivClient later than 6.2, these settings will be automatically configured. Nevertheless, these instructions can exist used to ostend proper configuration for older versions of ActivClient.

1. Open Firefox
2. Click on Tools > Options in the menu bar.



3. In the Options window, go to Advanced > Encryption > Validation.



4. Ensure the option Use the OCSP to ostend the current validity of certificates is checked. Also ensure When an OCSP server connection fails, treat the certificate as invalid is checked.

Safari

To get started you volition need:

• CAC (see note below)
• Card reader

You lot can get started using your CAC on your Mac OS X system by post-obit these basic steps:

1. Go a menu reader
   Typically Macs do not come up with bill of fare readers and therefore an external menu reader is necessary. At this time, the best advice for obtaining a card reader is through working with your domicile component. In add-on, please review the DoD CAC Reader Specifications for more information regarding card reader requirements.
2. Download and install the Os X Smartcard Services bundle
   The OS X Smartcard Services Bundle allows a Mac to read and communicate with a smart card. In order for your machine to recognize your CAC certificates and DoD websites equally trusted, the installer will load the DoD CA certificates on OS X. Delight refer to this page for specific installation instructions.
3. Accost the cross-certificate chaining Effect
   These instructions walk through adjusting the trust settings on the Interoperability Root CA (IRCA) > DoD Root CA 2 and the U.s. DoD CCEB IRCA i > DoD Root CA two certificates to prevent cross-certificate chaining problems. This can make it appear that your certificates are issued by roots other than the DoD Root CA 2 and tin can prevent access to DoD websites.
4. Configure Chrome and Safari, if necessary
   Safari and Google Chrome rely on Keychain Admission properly recognizing your CAC certificates.
   1. In Finder, navigate to Go > Utilities and launch KeychainAccess.app
   2. Verify that your CAC certificates are recognized and displayed in Keychain Access

Note: CACs are currently made of different kinds of bill of fare stock. To determine what card stock you have, look at the dorsum of your CAC above the magnetic strip. Most CACs are supported by the Smartcard Services package, even so Oberthur ID One 128 v5.5 CACs are not. Tertiary political party middleware is available that will support these CACS; two such options are Thursby Software'southward PKard and Centrify's Express for Smart Carte.

How To Set Up Cac Card Reader On Windows 10,

Source: https://public.cyber.mil/pki-pke/end-users/web-browsers/

Posted by: antoinepandeo.blogspot.com

Share this post