The following article will walk you through enabling CAC support on your macOS device
Beginning with macOS 10.12 (Sierra), Apple has introduced a new API (Crypto Token Kit) for supporting PIV compatible (CAC) cards. NDU recommends that user's utilize this built-in mechanism to utilize your PIV enabled smart card.
Verifying Crypto Token Kit
If you have installed other older TokenD based software, it is highly recommended that you remove the older software so as to not conflict with crypto token kit. Older TokenD based middleware include OpenSC, Centrify, and PKard. If you have any of these software packages installed, please consult the documentation from that software to remove it.
To verify Ctypto Token Kit is enabled, follow these steps:
- In the Finder, Navigate to /Applications/Utilities double click on the Terminal application
The output should include The domain/default pair of (/Library/Preferences/com.apple.security.smartcard, DisabledTokens) does not exist
If you do not receive that text then do the following to re-enable Crypto Token Kit:
- Copy and past the following text into the Terminal window and press return on your keyboard:
sudo defaults write /Library/Preferences/com.apple.security.smartcard EnabledTokens -array com.apple.CryptoTokenKit.pivtoken
- Enter your administrative password and hit return on your keyboard. *Note you will not see anything on screen to indicate your password is being entered, this is normal
Crypto Token Kit has been re-enabled.