Stack Overflow
Stack Overflow

Questions tagged [cac]

The Common Access Card (CAC) is a United States Department of Defense (DoD) smart card, used for email signing, authentication, and access to DoD computers and networks.

The Common Access Card (CAC) is the standard identification for active-duty military personnel, Selected Reserve, DoD civilian employees, and eligible contractor personnel. It is a smart card that can be used for PKI and PIV purposes. In addition it has a 2D bar code for additional identification.

CAC Developer Resources.

110 questions
3
votes
1 answer

How to get NGINX / Django to detect when CAC / smartcard is removed?

I have a Django application that sits behind Nginx, which requires the user to authenticate via a government CAC (Smartcard). The CAC ID is read by Nginx and passed to Django, which maps that ID to a Django User and logs in that user. That part…
PaulP
  • 527
  • 1
  • 7
  • 16
3
votes
1 answer

Bypass choose a digital certificate and present user with pin prompt

I am working with a c#.net application right now where I have smartcard authentication working properly, by allowing users to pick their digital certificate and enter their pin. However I want to do away with allowing the user to pick their…
Ben
  • 784
  • 3
  • 12
  • 32
2
votes
1 answer

Implementing PKI authentication in Spring Security

I'm trying to figure out where and how I can implement PKI authentication in an existing Spring Security implementation. I changed my configuration of my server.xml in tomcat to have two Connectors to handle "normal" username and password…
rwyland
  • 1,637
  • 3
  • 16
  • 30
2
votes
1 answer

How to get Node.Js to allow me to provide client cert with smart card/cac

I am trying to build a CAC authentication system using node.js but am having trouble. I followed a few tutorials regarding setting up a https server and I can get that to work just fine; however, using the logic below, whenever I access my…
nonrecurring
  • 43
  • 4
2
votes
0 answers

Client authentication using CAC (smartcard) with python M2Crypto

I'm trying to use M2Crypto and urllib2 to communicate with a website protected by a CAC (smartcard). Doing some research, my understanding is that I need to provide client side cert and private key from the card, and the CA certs which I've…
msephr
  • 21
  • 2
2
votes
1 answer

Why would an organization use separate certs for identity and signing?

The DoD does this and I can't figure out the use case for it. They have different intermediate CAs, but I just can't think of a situation where they would want to distrust one CA and not the other. What are the cons of just adding the Signing and…
Saikron
  • 41
  • 3
2
votes
2 answers

How Do You Program a Website to Use a Certificate for Authentication?

My company is looking at using card based certificates (like CACs) for authentication on a web site; instead of the user entering a username and password this information would be extracted from the certificate. How does one go about programming the…
mja
  • 69
  • 1
  • 2
  • 9
2
votes
2 answers

How to specify certificate's alias name in system property while making a 2way SSL connection?

I am trying to run a Java client with 2way SSL, which uses CAC card as keystore for the client. I have added the following system property in my client program to make it work and also changed the java.security file to add pcks11…
Thangaraj P
  • 21
  • 1
2
votes
1 answer

DoD PKI CAC authentication in Tomcat (embedded in JBoss)

I need to support DoD issued CAC-based authentication in my web application deployed in JBoss. Could someone give me pointers on where to start, the steps involved, etc? Also, which JCE provider should I go with (OpenSSO, BountyCastle, etc)? I tried…
krish palaniappan
  • 51
  • 4
2
votes
2 answers

How to detect smartcard insertion or removal event in linux

Folks, I'm working on a certificate authentication app that will authenticate user based on CAC inserted. How do I know when the CAC is inserted / removed? I'll be "catching" that event in C++ or Java. Thanks.
user375525
  • 35
  • 5
2
votes
1 answer

Get Name/UID from DoD CAC Card Only

Could someone please tell me a way to just store the username from a DoD CAC card? I do not need to do any authentication, just have the name from a card stored as a variable. I don't think the machine reading the cards will have any network…
dcclassics
  • 896
  • 1
  • 12
  • 38
2
votes
1 answer

Where can I find a list of APDU commands for a DoD CAC

I am looking for APDU commands to be used for a DoD CAC. I'm trying to pull as much information as I can off the card. So far Google has not been of any help.
nwnoga
  • 577
  • 3
  • 12
  • 22
2
votes
0 answers

Smartcard (CAC) authentication using HttpClient

Every day I need to connect to a website that requires authentication using a CAC. I connect this website and then check if there are any notifications for me. I would like to automate this routine. I'm planning to use an HttpClient, but I'm not…
digoferra
  • 1,001
  • 3
  • 17
  • 33
2
votes
0 answers

How can I use my certificate on my CAC to sign an assembly written in Visual Studio 2008?

I want to sign a .NET assembly using the certificate located on my Common Access Card (CAC). Most instructions I've found involve creating a Personal Information Exchange (.pfx) file from the certificate (.cer) file. But, during the process of…
Matt
  • 45
  • 5
2
votes
2 answers

DoD CAC PDF417 Compression

Does anybody have any idea where the EDIPI / CII compression methodology, used in the PDF417 barcode (front of the CAC), is explained or documented? The closest reference I found is this document:…
Andy
  • 3,141
  • 3
  • 27
  • 22
1 2
3
4 5 6 7 8