Hello, I could use some instructions on how to get firefox to read and use my cac card. Under Yast the card reader shows up in hardware. I have install pcsc ccid and coolkey through Yast but not sure if I need to do anything else. I have followed instructions for loading the device in firefox but it does not load my certs off of the card. Please help. Thanks
The card reader is a ActiveIdentity usb reader ver 2.0 and the light is on. which tells me the driver is loaded for the reader. I have the pcsc dameon loaded on startup but the ccid I am not sure how to load it. also the pcsc should have put an icon somewhere in SUSE but I can not find it. Please any help would be appreciated. Thanks
I haven’t had any luck getting them to work yet either.
Finding your thread got me to renew my efforts to get my CAC working. I found this site today: Linux Information page
Reading all the info available there I got pcsc and coolkey to work with Firefox and I am now accessing CAC-enabled websites.
I have two different readers that I am able to use now. An O2Micro CCID built into the laptop and an SCR331 USB reader.
I will look for your model of CAC reader at work and try to grab one to do some testing. From what you describe, it sounds like you’re pretty close to having it working.
This is obviously an older thread but I’m in the same boat. I’ve got pcsc-lite, pcsc-ccid and libpcsclite1 installed as well as coolkey. I’ve looked at dmesg and can see that my card reader (SCM SCR331) is recognized and loaded.
Nov 21 16:47:25 msnyder kernel: 991.969027] usb 3-2: new full speed USB device using uhci_hcd and address 4
Nov 21 16:47:25 msnyder kernel: 992.161163] usb 3-2: New USB device found, idVendor=04e6, idProduct=e001
Nov 21 16:47:25 msnyder kernel: 992.161179] usb 3-2: New USB device strings: Mfr=1, Product=2, SerialNumber=5
Nov 21 16:47:25 msnyder kernel: 992.161189] usb 3-2: Product: SCRx31 USB Smart Card Reader
Nov 21 16:47:25 msnyder kernel: 992.161198] usb 3-2: Manufacturer: SCM Microsystems Inc.
Nov 21 16:47:25 msnyder kernel: 992.161207] usb 3-2: SerialNumber: 21120847245744
Nov 21 16:47:25 msnyder kernel: 992.161340] usb 3-2: configuration #1 chosen from 1 choice
I’ve added the CAs to Firefox and have the device configured under Preferences->Advanced->Security Devices.
When I insert the card, the lights on the reader start flashing but nothing shows up in the logs. When I remove the card I get:
Nov 21 16:50:37 msnyder pcscd: winscard.c:362:SCardConnect() Card Not Inserted
But, when I insert it, nothing. No log entry. If I try to log into a secure site I get an error that security information can not be retrieved from my computer.
Any thoughts on what I should be looking for/at?
Slightly off-topic, but here’s an alternative solution to achieve nearly the same results:
I gave up trying to get my CAC to work in Linux. I faithfully followed the advice and instructions in all the threads, and I just couldn’t get it to work. In the end, it seemed that only a select few could find the pot of gold, and their success usually required a driver or a piece of hardware at the end of a link that resulted in a “404 Not Found” error when I selected it.
However, I recently discovered the “Lightweight Portable Security (LPS)” boot disk, created by the DoD for users seeking an alternative to the traditional Windows / ActivCard Reader / ActivCard Gold Software solution. The LPS boot disk is available at:
The LPS is an OS that boots from CD or USB flash for Intel computers that includes a minimal Linux install that doesn’t allow read or write access to the booting PC’s hard drive or the use of a wireless internet connection. Within those limits, it provides access to gov’t sites that require a CAC, including Outlook Web Access. (It’s also great for low-risk access to the internet to do things like on-line banking and browsing.)
My first attempts with LPS showed that the CAC readers I’d always used with the traditional solution didn’t work any longer. This may be part of the problem you’re having now. Both of my readers had an older version of the CAC reader firmware that was no longer acceptable. Following the instruction to flash the reader’s firmware also didn’t work for me. Rather than buy a new CAC reader, I found one of the Dell keyboards that includes a USB CAC reader for a fraction of the price of an updated CAC reader.
Both my laptop and desktop computers with the Dell keyboard installed, booted with LPS and my CAC in the keyboard reader and connected by a wire to the internet work great. I don’t do much work at home, but I now have a solution if there’s an emergency that requires it.
Whichever road you choose, good luck!
Thanks for the info. The live cd option is about the only one I’ll be trying. I don’t see myself buying a special keyboard for work.
Sorry if I misled - You don’t have to use the special Dell keyboard. The CAC reader you already have may work fine with LPS. If your CAC reader doesn’t work, the Dell keyboard/CAC reader option may be attractive due to the significant cost savings over the CAC reader alone.
No worries. I understood. 