Looks like no one’s replied in a while. To start the conversation again, simply ask a new question.

CAC Reader no longer works after Upgrade to Monterey

I see the CAC reader in the USB listing, I even reinstalled the drivers for my SCR3310,v2 CAC reader. However, after the system upgraded to Monterey...poof, I can no longer get into any sites that require my CAC. I also went into Military CAC and deleted, then reinstalled my certificates.


The problem is even if it opens (the certificate listing), it is blank. I used it for VMWare to work offsite but it now just shows up with a. blank in the certificate box. Need help and thanks. Hate that it worked before but no longer since it upgraded.

Posted on Nov 2, 2021 10:18 AM

Reply
Question marked as Best answer

What OS did you upgrade from?

Pre-Big Sur usually required CAC enabling software to work. Those same CAC enablers will prevent it from working in Big Sur and later. So, if you upgraded from an OS previous to Big Sur, you may still have the CAC Enabler software installed and it needs to be removed. MilitaryCAC.com has instructions somewhere on the site.

Posted on Nov 3, 2021 6:14 PM

Similar questions

35 replies

Nov 3, 2021 8:00 AM in response to Barney-15E

Initially did it without the drivers before the suggestion was to install them. This all happened "after" Monterey upgraded on my system. Before that, no problems using the CAC. Bought a new CAC just to see if that does the trick....it still does not "prompt" for certificates although it clearly shows it as functional in the Systems Report and even after going into the terminal using the "pcsctest" command which shows "Command Successful" and the reader listed as SCR3310.

Question marked as Best answer

Nov 3, 2021 6:14 PM in response to evanspa6523

What OS did you upgrade from?

Pre-Big Sur usually required CAC enabling software to work. Those same CAC enablers will prevent it from working in Big Sur and later. So, if you upgraded from an OS previous to Big Sur, you may still have the CAC Enabler software installed and it needs to be removed. MilitaryCAC.com has instructions somewhere on the site.

Question marked as Helpful

Nov 4, 2021 8:56 AM in response to Barney-15E

(RESOLVED) I had to go to the Terminal and do the commands it states in this link: https://militarycac.com/macuninstall.htm - I recall seeing this but it recommends I do it twice….after that and a restart, the certificates popped up. Hope this helps others who upgraded to Monterey because this really shut me down for a bit and even wasting money another CAC. I simply needed to "re-enable" my built-in Smart Card.


NOTE3: If you have recently updated to Mac OS Catalina (10.15.x), Mac OS Big Sur (11.00.x), or Mac OS Monterrey (12.00.x) you need to re-enable the built in Smart Card ability after removing all installed enablers listed above:

 

1. Remove your CAC from the reader

2. Open Terminal, by typing Terminal in the spotlight search

3. Copy the entire command below [starting with sudo, and ending with pivtoken] and paste it into the terminal window (or manually retype it)

 

sudo defaults write /Library/Preferences/com.apple.security.smartcard DisabledTokens -array && sudo defaults write /Library/Preferences/com.apple.security.smartcard EnabledTokens -array com.apple.CryptoTokenKit.pivtoken

 

3a. I recommend you run this command twice.

 

4. When prompted for your computer password, know that the cursor will not move, type it in, and hit enter to process.

 

5. After performing these steps, the built in smart card ability should be enabled.  

 

6. Logout of Terminal, 

 

7. Restart computer

Nov 4, 2021 6:33 PM in response to mklepcyk1

Here is the update and what fixed it for me.


NOTE3: If you have recently updated to Mac OS Catalina (10.15.x), Mac OS Big Sur (11.00.x), or Mac OS Monterrey (12.00.x) you need to re-enable the built in Smart Card ability after removing all installed enablers listed above:

 

1. Remove your CAC from the reader

2. Open Terminal, by typing Terminal in the spotlight search

3. Copy the entire command below [starting with sudo, and ending with pivtoken] and paste it into the terminal window (or manually retype it)

 

sudo defaults write /Library/Preferences/com.apple.security.smartcard DisabledTokens -array && sudo defaults write /Library/Preferences/com.apple.security.smartcard EnabledTokens -array com.apple.CryptoTokenKit.pivtoken

 

3a. When prompted for your computer password, know that the cursor will not move, type it in, and hit enter to process

 

4. It is recommended you do the command again after this...no password will be prompted

 

5. After performing these steps, the built in smart card ability should be enabled (it should actually say that in terminal that it was re-enabled).  

 

6. Logout of Terminal, 

 

7. Restart computer


I was using VMware Horizon and it prompted the certificate immediately which is all I needed.

Dec 6, 2021 1:05 PM in response to evanspa6523

Thank you for sharing. I recently upgraded to Monterey and now trying to set up my SCR3310 v2 CAC reader (was never set up before). However, after following all the instructions on militarycac.com, my CAC reader still will not read the card it seems.


I get the following message:

"An unexpected error occured validating your certificate. In order to log in with your Smart Card, please close your browser and all tabs associated with it and try again using the Authentication certificate or log in with your LOGIN ID and Password."


Do I need additional software in order for CAC reader to read my card and display certificate options? What is "VMware Horizon" and do you have a link for it, assuming that is what I am missing?



Dec 6, 2021 1:14 PM in response to dmg222

Do I need additional software in order for CAC reader to read my card and display certificate options?

No. If you have ever installed anything to use that reader or your CAC, you must remove it.

If you haven’t installed anything, it should work. You won’t see anything in keychain access. You will only get a pop up dialog asking which certificate you want to use, then a PIN entry.

CAC Reader no longer works after Upgrade to Monterey

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple ID.