APPLE MACINTOSH COMPUTER SUPPORT PAGE for CATALINA (currently 10.15.4)
Released on 7 October 2019
DO NOT UPDATE to 10.15.4 IF your CAC is working on 10.15.3. For the majority of the people I have heard from who updated NO LONGER are able to use their CAC on their Mac. I [and a couple of other people] are working with Apple directly to find a fix. I know this comes at a very bad time for you, as you are probably relying on it more than ever.
The below are items that have worked for others. The idea is to try one. If it doesn't work, try the next. Your outcome will vary, and may not work.
12 May 2020 - If you are using a reader such as the SCR-3500 with the USB C cord, make sure you are inserting your CAC in the right way. The company logo or chip outline will need to face up, and therefore your face will also face the ceiling.
12 May 2020 - Reminder for anyone overseas trying to access https://web.mail.mil and having problems, you may need to utilize a VPN.
08 May 2020 - Another idea is to power off your computer, then power on while holding the shift key. Once powered on, log in while holding down the shift key, after entering your pass code. Doing these two steps prevents third party drivers and apps from loading.
04 May 2020 - It seems one big issue has been one specific CAC being issued. Please look at the back of your CAC. If it is the "G+D FIPS 201 SCE 7.0" CAC (see image below)It appears DMDC never provided one to Apple to test. So, Mac OS Catalina 10.15.4 is not able to read it.
Option 1: One person was using the IOGear reader, and when she changed to an SCR-3310 v2 reader she was able to use her CAC on both Mac OS Catalina 10.15.4 and a Windows Surface 8.1 RT
Option 2: You can "ask" your ID card office if they have any other card stock. But, prepared to hear the answer "No." Until Apple can get one of these cards and update their Operating System, you may not be able to utilize your CAC on your Mac OS 10.15.4 computer.
23 APR 2020 - If you are using the SCR-331 reader, you will need a newer reader. See my page of readers to find a compatible reader. Although it did work for one person. Go figure. :)
13 APR 2020 - Unpair your Smart Card per these instructions:
13 APR 2020 - Delete all DoD certificates from Keychain access. Then re add them (instructions), then [painfully] manual trust all 60 some certificates (this will take you a lot of time, as each certificate will ask for your computer password). Not my recommended choice, but might work for you. I am not sure how this will let your computer see your CAC. But, something you can try if you have the 30 or so minutes to kill.
11 APR 2020 - Install OpenSC, ignore the disabling of the built in Smart Card support
10 APR 2020 - Install Microsoft Edge and use it as your web browser as opposed to Safari or Chrome
08 APR 2020 - Still testing and unable to figure out why a majority of people are having problems. This particular version of Mac OS seems to be causing other issues as well. See Tech Radar article from 07 APR 2020
Between mid October 2019 and mid February 2020 everyone in the Army was migrated to PIV AUTH certificate for Email access. You will now select the CAC certificate WITHOUT the word Email in it. So, you no longer select your Email certificate for Enterprise Email.
Mac users who upgrade to Mac OS Catalina (10.15.x) need to uninstall all 3rd Party CAC enablers per https://militarycac.com/macuninstall.htm
If you purchased your Mac with Catalina, you can skip the Macuninstall page, and go directly to the MacNotes page
Unable to sign a PDF using Adobe?
Please verify these settings on your Mac:
Open an Adobe PDF file,
Select the words Adobe Reader [or Acrobat Reader] (at the top of the screen)
Under Categories, scroll down to Signatures
In the Creation and Appearance section, click More
Make sure Enable CryptoTokenKit framework support is checked.
You also need to change the Default Signing Format from PKCS#7-Detached to CAdES-Equivalent
Close Adobe Reader
Double click an Adobe PDF file you need to sign
Problems accessing DTS?
You have to use the Safari web browser (Chrome has not worked for anyone)
Select the Show Details (button)
Click the link titled: visit this website
Click the button that shows: Visit Website
Enter your computer password, [you are manually adding the web address to your keychain access].
Click Update Settings (button)
DTS should now open for you.
I have added some sites I know are having this issue here. You can download the certificates you need. Then will only need to double click it and do a manual trust on them.
Here's How to manually trust the certificate(s): Double click the certificate, select the triangle next to Trust, in the When using this certificate: select Always Trust.
Air Force users who utilize VMware Horizon need to update their client
Here is the link:
You will see in Table 1 that no CAC enablers are compatible with Mac OS Catalina.
Discounted prices on the programs mentioned below can be viewed here
If you have questions or suggestions for this site, contact Michael J. Danberry
Are you interested in subscribing to the CACNews email list?
Last Update or Review: Saturday, 16 May 2020 19:27 hrs
The following domain names all resolve to the same website: ChiefsCACSite.com, CommonAccessCard.us, CommonAccessCard.info, & ChiefGeek.us