Download Middleware For Cac Reader
2021年1月27日Download here: http://gg.gg/o17u0
The wikis are now using the new authentication system.If you did not migrate your account yet, visit https://idp-portal-info.suse.com/
*Cac Card Reader Software Download
*Download Middleware For Cac Readers
*Cac Middleware Software Windows 10
*Free Middleware For Cac
*Download Middleware For Cac Reader Windows 7
*Download Middleware For Cac Reader Software
*Download Middleware For Cac Reader Win 7
MIDDLEWARE FOR CAC AUTHENTICATION (SITUATIONAL) Not all circumstances require a smartcard middleware application. Evolving development of CAC modernization changes the requirements for smartcard middleware applications for users of different organizations. XWindows users who authenticate with EMAIL/SIGNATURE certificate (10 digit ID #) will be. Oracle Fusion Middleware Software Downloads Oracle WebLogic Server 14c (14.1.1.0) The generic installer includes all Oracle WebLogic Server and Oracle Coherence software, including examples, and is supported for all development and production purposes. The quick installer is. PIV Middleware » CAC Middleware » Hi-Assurance Middleware » Hades III Readers » Non-Domain Middleware PIV Middleware. PIV Minidriver - Is an enterprise based middleware. The solution developed by 90meter utilizes the Microsoft OS platform to enable smartcards natively in the OS.
Download Here; CAC smart card reader requirements (as of August 2007). Or middleware should outline the issues in an e-mail to DMDC at. ’Modernizing the Common. Download32 is source for cac middleware shareware, freeware download - django-middleware-extras, Secure Storage service for the gLite middleware, OCSelot, HS MSG C/C Messaging Library, Massively multiplayer game middleware, etc. Jump to: navigation, searchThis is to help setup DoD Common Access Card (CAC) Reader also known as a Smart Card Reader. This procedure is tested to work with the DoD CAC, Oberthur ID One 128 v5.5 Dual.
Tested on openSUSE
Recommended articles
Related articles
*3Install the Middleware
*3.2PKCS #11 module
*4Smart Card Reader Driver
*4.1Start Up the Daemon
*6Configure Firefox
*7Configure Chrome / Chromium
*11External Links
*12See also
Preface
US Department of Defense (DoD) now limits access to many of its websites to be via a smart Common Access Card (CAC) authenticated with a Personal Identification Number (PIN). The following is a guide to assist in setting up openSUSE to access CAC-enabled DoD websites.SLES 12
SLES 12 specific instructions can be found here:Install the Middleware
The Linux CAC Reader stack is based on a set of middleware called PCSC (Personal Computer Smart Card), written by the MUSCLE (Movement for the Use of Smart Cards in a Linux Environment) project.Packages available through openSUSE
In order to use the DoD CAC you must install the the following packages:
*pcsc-lite - PCSC Smart Cards Library
*pcsc-ccid - generic USB CCID (Chip/Smart Card Interface Devices) driver
*perl-pcsc - Abstraction layer to smart card readers
*pcsc-tools - Optional but highly recommended, these tools are used to test a PCSC driver, card and reader
*http://software.opensuse.org/package/pcsc-tools
*Note: Be sure to select the package that corresponds with your distribution version.
Alternatively, install the packages Through Terminal:
PKCS #11 module
There are three working modules to access the PKCS #11 keys on your CAC. Each have their strengths and limitations. You will need to choose which version works best for you. In most situations, CoolKey is preferred.OpenSC
OpenSC provides a set of utilities to access smart cards. It facilitates their use in security applications such as mail encryption, authentication, and digital signature. This module has a broader feature set than CoolKey or CACkey and you are able to access your PIV certificate for those individuals that are Dual Persona. This module is speedy like CoolKey and doesn’t lag like CACkey. This may be the best option if you are dual persona and do not wish to use CACkey from DISA.
Alternatively, install OpenSC Through Terminal:CoolKey
Coolkey is available through the openSUSE software repository. This is arguably the most stable method for accessing your CAC. The downside is, Dual Persona individuals that have the activated PIV certificate will not be able to access it rendering you not able to access the DoD Enterprise Email certificates. If you are not Dual Persona this is by far the best module to use as it is stable, accesses certificates quickly and does not cause the pcsc daemon to hang. Direct link to the software package:
Alternatively, install CoolKey Through Terminal:CACkey
CACkey is available from DISA’s on the Forge.mil Linux development site. This works but is very slow to access the CAC certificates. The system will hang long enough that the sites may time out. It does work and sometimes requires an untimely page refresh. A machine with working CAC authentication is required for the DISA download. Once obtained, the RPM will install without issue.
Forge.mil hosts the CACkey package, but it requires CAC authentication to download the packages. Easiest may be to download all on a CAC enabled machine and then transfer to the Linux machine. From forge.mil download:
*the latest version of CACkey
*the DoD Configuration extension for Firefox has been deprecated and has been replaced with these Instructions from DISA.
Recommend these be stored on AKO Cloud, Dropbox, portable media, or other location to ensure continued access.
This seems to be the most reliable option if you are a dual persona. The CACkey was recently updated which addressed performance issues.
CACkey Alternate download
This location is not CAC Protected and has the source available for download as well
Smart Card Reader Driver
Without installing any additional drivers the following card readers are tested and work without issue:
*You may have to install additional drivers for your hardware. Check your hardware and search using the key word pcsc.Start Up the Daemon
This should happen automatically, but if it does not start up on your system, here is how you can activate/enable the SmartCard daemon:Graphical Method
*From YaST:
*Open YaST
*System Services (Runlevel)
*Select the Expert Mode Radio button
*Search for pcscd, select from the drop down Start/Stop/Refresh select Start
*Select ’OK’ to close the windowTerminal MethodTesting your Smart Card Driver
Open a terminal (ie konsole, x-term or other) and type/enter. You might have to insert a smart card in order for the message to pop-up.
Similar to the following means the card reader is working properly:
Similar to this indicates a need to check for additional driver requirements for your hardware:
Then check again to see if the PCSC Daemon (pcscd) is running.Verify SmartCard Deamon is Active and Reading Your CAC
At anytime if you don’t seem to get response from the SmartCard, check and see if the daemon is active by executing this in terminal:
If you remove and insert your card with no response during the scan, the daemon has crashed.
If you find that the pcsc daemon has crashed you can run this in terminal to restart the daemon:Authority Certificates
Download extract and install the DoD Certificates.
The certificates can be obtained from this link:
Make note of the location you stored these certificatesConfigure Firefox
Firefox requires manual selection of the PKCS #11 module.
The aforementioned DoD Configuration extension has been deprecated and will no longer install into Firefox.Import Certificates
The current method of installing the certificates is one-by-one. This can be done through Firefox import mechanism.
Firefox 57 and later
*Preferences > Privacy & Security
*Scroll Down to Security Section
*Select View Certificates
Continue for All versions of FirefoxCac Card Reader Software Download
*Select the Import... button at the bottom of the dialog.
The certificates that require installation are the following
*DOD CA-27 through DOD CA-32,
*DOD EMAIL CA-27 through DOD EMAIL CA-34,
*DOD EMAIL CA-39 through DOD EMAIL CA-44,
*DOD ID CA-33 through DOD ID CA-34,
*DOD ID CA-39 through DOD ID CA-44,
*DOD ID SW CA-35 through DOD ID SW CA-38,
*DOD ID SW CA-45 through DOD ID SW CA-48, and
*DoD Root CA 2 through DoD Root CA 4Set Firefox to Require Selection of Certificate
When accessing multiple CAC protected pages, some pages will require different certificates from the card. Some require the non-email certificate while Enterprise Email will require the email certificate.Firefox 56 and earlier
*Preferences > Advanced > Encryption
*Select the radio button in front of ’Ask me every time.’
Firefox 57 and later
*Preferences > Privacy & Security
*Scroll Down to Security Section
*Below the Certificates heading, select the radio button in front of ’Ask me every time.’Set CAC Module
Firefox 57 and later
*Open Preferences > Privacy & Security
*Scroll Down to Security Section
*Select Security DevicesDownload Middleware For Cac Readers
Continue for All versions of Firefox
*Check the left column. It should show an entry similar to ’CAC Module’ along with certificate(s) as a sub-item. If it doesn’t work then the entries are wrong.
*Select the entry and select Unload to remove the security device
*To install/reinstall the CAC driver in Firefox using the above listed Security Devices
*Select Load on the dialog box
*Module name should be something like: DoD CAC
*Module filename: either type in or browse to the location of the libcoolkeypk11.so, libcackey.so or opensc-pkcs11.so drivers
*The files will be located under either:
orCac Middleware Software Windows 10Configure Chrome / Chromium
Unfortunately, Chrome (Chromium) doesn’t automatically recognize the CAC once you’ve completed all the previous steps but it doesn’t take much more work to get Chrome to work with the CAC.
In order to utilize the CAC within Chrome it is necessary to install mozilla-nss-tools. You can do so through the openSUSE software installation site or through terminal:
While in a terminal in your home directory run one of the two following commands as your user:
*For 32-bit systems:
*For 64-bit systems:
Make sure that the utility is properly installed
If it is properly installed there will be an entry with ’CAC Module’ and details of the library, slot and status. If you were not in your home directory when configuring modutil you will receive an error like ’modutil: function failed: SEC_ERROR_BAD_DATABASE: security library: bad database.’
Chrome should now be able to utilize the CAC without any issuesRemoving CAC Module
If you have previously installed libcackey.so and you wish to utilize CoolKey instead, you will have to unload the ’CAC Module’:Test out your browser
Go to a CAC-enabled web site (www.us.army.mil) and test the CAC login.Free Middleware For Cac
Be patient as there may be a delay while authenticating with the CAC.
The PIN and certificate selection authentication process is in the reverse of what you may be used to when using non-Linux machines. Expect to be prompted first for PIN and then certificateselection. Troubleshooting
It is possible that the PCSC Daemon can hang, to restart the service in terminalAdditional Notes
The Defense Travel System no longer requires Oracle Java in order to function correctly.
If you have trouble with IcedTea See the instructions on SDB:Installing_Java to install.
If you have previously used the CACkey module for accessing the Defense Travel System and now use Coolkey, you will have to edit the configuration file:
Alter the line that contains the following information (/usr/lib64/ for 64bit and /usr/lib/ for 32bit):Download Middleware For Cac Reader Windows 7
It should reflect the coolkey module:Download Middleware For Cac Reader SoftwareExternal LinksTeam members
*FutureboyTalk - ContributionsSee alsoDownload Middleware For Cac Reader Win 7Related articles Retrieved from ’https://en.opensuse.org/index.php?title=DoD_Common_Access_Card_(CAC)_Reader&oldid=144398’
Download here: http://gg.gg/o17u0
https://diarynote-jp.indered.space
The wikis are now using the new authentication system.If you did not migrate your account yet, visit https://idp-portal-info.suse.com/
*Cac Card Reader Software Download
*Download Middleware For Cac Readers
*Cac Middleware Software Windows 10
*Free Middleware For Cac
*Download Middleware For Cac Reader Windows 7
*Download Middleware For Cac Reader Software
*Download Middleware For Cac Reader Win 7
MIDDLEWARE FOR CAC AUTHENTICATION (SITUATIONAL) Not all circumstances require a smartcard middleware application. Evolving development of CAC modernization changes the requirements for smartcard middleware applications for users of different organizations. XWindows users who authenticate with EMAIL/SIGNATURE certificate (10 digit ID #) will be. Oracle Fusion Middleware Software Downloads Oracle WebLogic Server 14c (14.1.1.0) The generic installer includes all Oracle WebLogic Server and Oracle Coherence software, including examples, and is supported for all development and production purposes. The quick installer is. PIV Middleware » CAC Middleware » Hi-Assurance Middleware » Hades III Readers » Non-Domain Middleware PIV Middleware. PIV Minidriver - Is an enterprise based middleware. The solution developed by 90meter utilizes the Microsoft OS platform to enable smartcards natively in the OS.
Download Here; CAC smart card reader requirements (as of August 2007). Or middleware should outline the issues in an e-mail to DMDC at. ’Modernizing the Common. Download32 is source for cac middleware shareware, freeware download - django-middleware-extras, Secure Storage service for the gLite middleware, OCSelot, HS MSG C/C Messaging Library, Massively multiplayer game middleware, etc. Jump to: navigation, searchThis is to help setup DoD Common Access Card (CAC) Reader also known as a Smart Card Reader. This procedure is tested to work with the DoD CAC, Oberthur ID One 128 v5.5 Dual.
Tested on openSUSE
Recommended articles
Related articles
*3Install the Middleware
*3.2PKCS #11 module
*4Smart Card Reader Driver
*4.1Start Up the Daemon
*6Configure Firefox
*7Configure Chrome / Chromium
*11External Links
*12See also
Preface
US Department of Defense (DoD) now limits access to many of its websites to be via a smart Common Access Card (CAC) authenticated with a Personal Identification Number (PIN). The following is a guide to assist in setting up openSUSE to access CAC-enabled DoD websites.SLES 12
SLES 12 specific instructions can be found here:Install the Middleware
The Linux CAC Reader stack is based on a set of middleware called PCSC (Personal Computer Smart Card), written by the MUSCLE (Movement for the Use of Smart Cards in a Linux Environment) project.Packages available through openSUSE
In order to use the DoD CAC you must install the the following packages:
*pcsc-lite - PCSC Smart Cards Library
*pcsc-ccid - generic USB CCID (Chip/Smart Card Interface Devices) driver
*perl-pcsc - Abstraction layer to smart card readers
*pcsc-tools - Optional but highly recommended, these tools are used to test a PCSC driver, card and reader
*http://software.opensuse.org/package/pcsc-tools
*Note: Be sure to select the package that corresponds with your distribution version.
Alternatively, install the packages Through Terminal:
PKCS #11 module
There are three working modules to access the PKCS #11 keys on your CAC. Each have their strengths and limitations. You will need to choose which version works best for you. In most situations, CoolKey is preferred.OpenSC
OpenSC provides a set of utilities to access smart cards. It facilitates their use in security applications such as mail encryption, authentication, and digital signature. This module has a broader feature set than CoolKey or CACkey and you are able to access your PIV certificate for those individuals that are Dual Persona. This module is speedy like CoolKey and doesn’t lag like CACkey. This may be the best option if you are dual persona and do not wish to use CACkey from DISA.
Alternatively, install OpenSC Through Terminal:CoolKey
Coolkey is available through the openSUSE software repository. This is arguably the most stable method for accessing your CAC. The downside is, Dual Persona individuals that have the activated PIV certificate will not be able to access it rendering you not able to access the DoD Enterprise Email certificates. If you are not Dual Persona this is by far the best module to use as it is stable, accesses certificates quickly and does not cause the pcsc daemon to hang. Direct link to the software package:
Alternatively, install CoolKey Through Terminal:CACkey
CACkey is available from DISA’s on the Forge.mil Linux development site. This works but is very slow to access the CAC certificates. The system will hang long enough that the sites may time out. It does work and sometimes requires an untimely page refresh. A machine with working CAC authentication is required for the DISA download. Once obtained, the RPM will install without issue.
Forge.mil hosts the CACkey package, but it requires CAC authentication to download the packages. Easiest may be to download all on a CAC enabled machine and then transfer to the Linux machine. From forge.mil download:
*the latest version of CACkey
*the DoD Configuration extension for Firefox has been deprecated and has been replaced with these Instructions from DISA.
Recommend these be stored on AKO Cloud, Dropbox, portable media, or other location to ensure continued access.
This seems to be the most reliable option if you are a dual persona. The CACkey was recently updated which addressed performance issues.
CACkey Alternate download
This location is not CAC Protected and has the source available for download as well
Smart Card Reader Driver
Without installing any additional drivers the following card readers are tested and work without issue:
*You may have to install additional drivers for your hardware. Check your hardware and search using the key word pcsc.Start Up the Daemon
This should happen automatically, but if it does not start up on your system, here is how you can activate/enable the SmartCard daemon:Graphical Method
*From YaST:
*Open YaST
*System Services (Runlevel)
*Select the Expert Mode Radio button
*Search for pcscd, select from the drop down Start/Stop/Refresh select Start
*Select ’OK’ to close the windowTerminal MethodTesting your Smart Card Driver
Open a terminal (ie konsole, x-term or other) and type/enter. You might have to insert a smart card in order for the message to pop-up.
Similar to the following means the card reader is working properly:
Similar to this indicates a need to check for additional driver requirements for your hardware:
Then check again to see if the PCSC Daemon (pcscd) is running.Verify SmartCard Deamon is Active and Reading Your CAC
At anytime if you don’t seem to get response from the SmartCard, check and see if the daemon is active by executing this in terminal:
If you remove and insert your card with no response during the scan, the daemon has crashed.
If you find that the pcsc daemon has crashed you can run this in terminal to restart the daemon:Authority Certificates
Download extract and install the DoD Certificates.
The certificates can be obtained from this link:
Make note of the location you stored these certificatesConfigure Firefox
Firefox requires manual selection of the PKCS #11 module.
The aforementioned DoD Configuration extension has been deprecated and will no longer install into Firefox.Import Certificates
The current method of installing the certificates is one-by-one. This can be done through Firefox import mechanism.
Firefox 57 and later
*Preferences > Privacy & Security
*Scroll Down to Security Section
*Select View Certificates
Continue for All versions of FirefoxCac Card Reader Software Download
*Select the Import... button at the bottom of the dialog.
The certificates that require installation are the following
*DOD CA-27 through DOD CA-32,
*DOD EMAIL CA-27 through DOD EMAIL CA-34,
*DOD EMAIL CA-39 through DOD EMAIL CA-44,
*DOD ID CA-33 through DOD ID CA-34,
*DOD ID CA-39 through DOD ID CA-44,
*DOD ID SW CA-35 through DOD ID SW CA-38,
*DOD ID SW CA-45 through DOD ID SW CA-48, and
*DoD Root CA 2 through DoD Root CA 4Set Firefox to Require Selection of Certificate
When accessing multiple CAC protected pages, some pages will require different certificates from the card. Some require the non-email certificate while Enterprise Email will require the email certificate.Firefox 56 and earlier
*Preferences > Advanced > Encryption
*Select the radio button in front of ’Ask me every time.’
Firefox 57 and later
*Preferences > Privacy & Security
*Scroll Down to Security Section
*Below the Certificates heading, select the radio button in front of ’Ask me every time.’Set CAC Module
Firefox 57 and later
*Open Preferences > Privacy & Security
*Scroll Down to Security Section
*Select Security DevicesDownload Middleware For Cac Readers
Continue for All versions of Firefox
*Check the left column. It should show an entry similar to ’CAC Module’ along with certificate(s) as a sub-item. If it doesn’t work then the entries are wrong.
*Select the entry and select Unload to remove the security device
*To install/reinstall the CAC driver in Firefox using the above listed Security Devices
*Select Load on the dialog box
*Module name should be something like: DoD CAC
*Module filename: either type in or browse to the location of the libcoolkeypk11.so, libcackey.so or opensc-pkcs11.so drivers
*The files will be located under either:
orCac Middleware Software Windows 10Configure Chrome / Chromium
Unfortunately, Chrome (Chromium) doesn’t automatically recognize the CAC once you’ve completed all the previous steps but it doesn’t take much more work to get Chrome to work with the CAC.
In order to utilize the CAC within Chrome it is necessary to install mozilla-nss-tools. You can do so through the openSUSE software installation site or through terminal:
While in a terminal in your home directory run one of the two following commands as your user:
*For 32-bit systems:
*For 64-bit systems:
Make sure that the utility is properly installed
If it is properly installed there will be an entry with ’CAC Module’ and details of the library, slot and status. If you were not in your home directory when configuring modutil you will receive an error like ’modutil: function failed: SEC_ERROR_BAD_DATABASE: security library: bad database.’
Chrome should now be able to utilize the CAC without any issuesRemoving CAC Module
If you have previously installed libcackey.so and you wish to utilize CoolKey instead, you will have to unload the ’CAC Module’:Test out your browser
Go to a CAC-enabled web site (www.us.army.mil) and test the CAC login.Free Middleware For Cac
Be patient as there may be a delay while authenticating with the CAC.
The PIN and certificate selection authentication process is in the reverse of what you may be used to when using non-Linux machines. Expect to be prompted first for PIN and then certificateselection. Troubleshooting
It is possible that the PCSC Daemon can hang, to restart the service in terminalAdditional Notes
The Defense Travel System no longer requires Oracle Java in order to function correctly.
If you have trouble with IcedTea See the instructions on SDB:Installing_Java to install.
If you have previously used the CACkey module for accessing the Defense Travel System and now use Coolkey, you will have to edit the configuration file:
Alter the line that contains the following information (/usr/lib64/ for 64bit and /usr/lib/ for 32bit):Download Middleware For Cac Reader Windows 7
It should reflect the coolkey module:Download Middleware For Cac Reader SoftwareExternal LinksTeam members
*FutureboyTalk - ContributionsSee alsoDownload Middleware For Cac Reader Win 7Related articles Retrieved from ’https://en.opensuse.org/index.php?title=DoD_Common_Access_Card_(CAC)_Reader&oldid=144398’
Download here: http://gg.gg/o17u0
https://diarynote-jp.indered.space
コメント