Snow Leopard users have been having more and more problems accessing CAC enabled websites due to [what we think is] a software update by Apple.  Follow the guidance below for updating your OS and your Safari web browser.

If you plan on updating to Lion [10.7.x], please know that it does NOT have built in Smart Card ability (like your Snow Leopard does).  Please visit the Lion support page for more information.

You "should be able to" use your CAC with your [Snow Leopard (10.6.x)] Apple computer

Download / Save this page as a single / printable PDF

Lion (10.7.x) users, please utilize the Lion support page

Leopard (10.5.x) users, please utilize the Leopard support page

Tiger(10.4.x) users, please utilize the Tiger support page

If your CAC does not work, you may have received one of the PIV II CAC's.  You can verify by looking on the back above the black magnetic strip for either of these:  "Gemalto TOP DL GX4 144" or "Oberthur ID One 128 v5.5 Dual" (see below), or "Oberthur ID One V5.2a Dual" (see below).

Gemalto TOP DL GX4 144 cardholders should download the Mac OS X 10.6.8 Update Combo v1.1.  If it still doesn't work, consider purchasing and installing PKard.

If Safari does not work after installing the Update Combo file above, we recommend you download Safari 5.1.  However, a large share of people are having better luck using Google Chrome rather than Safari.

If your Safari is crashing or reports an error when visiting a CAC-enabled web site, you are using Chrome and still having problems follow guidance in the Thursby forums.

Oberthur ID One 128 v5.5 Dual & some 5.2a cardholders will [more than likely] need to purchase and install PKard, as this is the only way we've been able to find to support your particular CAC.  You may also take the risk of using the [no support] (open source) OpenSC, CACkey, or Charismathics Smart Security Interface (CSSI-PIV) programs. 

You will have to install Windows in a virtual environment to be able to use Lotus Forms and ApproveIt.  NOTE:  Your computer must have an Intel processor. 

An older version of PureEdge [with a few tweaks] is available here for your Mac.  So, IF you only need to complete a form (and NOT sign it) give it a try.

Article on how to utilize Windows on your Mac from Online Tech Tips.com

How to make a web server think you're using Internet Explorer

How to configure Firefox on your Snow Leopard Mac video (using CAC key)

You can download the dod_configuration-1.3.3.xpi Firefox installation file from Forge.mil (but you may not need it)

The following information is provided for your situational awareness while setting up your CAC on your Mac.  It is updated as additional information is available and your input is appreciated for solutions not outlined here.  Installation instructions can be found below.

ActivClient is a middleware program used by the DoD to facilitate the communication between your Windows computer and your Common Access Card.  It was offered for the “Tiger” release (Mac OS X 10.4.X) and is not compatible with Snow Leopard (the current release of Mac OS X (10.6.8)).  The program is available for purchase through the manufacturer, and is not available for download from DoD.  The use of this program is not supported here for Apple operating systems, as it is not required and won't work with Snow Leopard (10.6.x).

Lotus Forms is currently only available for Windows. You will have to install Windows in a virtual environment or use Apple's native Boot Camp to be able to use Lotus Forms and ApproveIt.  NOTE:  Your computer must have an Intel processor.

An older version of PureEdge [with a few tweaks] is available here for your Mac.  So, IF you only need to complete a form (and NOT sign it) give it a try.

Windows on your Mac (You MUST have an Intel processor, it will NOT work with a PPC processor):  While you have made a conscious decision to “be a Mac,” the Government has not, and therefore the easiest solution for some problems, such as:  Digitally signing forms with Lotus Forms and ApproveIt, some websites (including digitally signing / encrypting emails in OWA), is to use Windows through a Virtual Machine, such as Parallels Desktop (PDF), VMware Fusion (Parallels vs. VMware comparison), or VirtualBox  or through Apple’s native Boot Camp.  This will require you to have a legal copy of Microsoft Windows.  With these programs, you can install the ActivClient, Lotus Forms, and ApproveIt software and also utilize all the DoD tools from your Mac.  The benefit of the Virtual Machines over Boot Camp is that it will allow you to run Windows as an additional program (without restarting your computer) and keep OS X running the entire time. 

DTS (Defense Travel System) has been upgraded to a Java web applet instead of the proprietary [Windows only] DBSign.  This should allow you to use DTS from your Mac. 

NOTE:  If you get a blank page after successfully logging into DTS trying to navigate to your Authorizations or Vouchers, Click the word Safari, Preferences, Select Security, uncheck the box for Block pop-up windows. 

NOTE for 64 bit Macs:  You may need to run Safari in 32 bit mode vs. 64 bit.  Here's how:  Go to Applications in Finder, right click get info on Safari.  Check the box Open in 32bit mode, then launch Safari

DCO (Defense Connect Online) works with your Snow Leopard Mac since the servers have been updated.  Make sure you select the check box to Allow all applets from "www.dco.dod.mil" with this signature and select Allow.  You "should" now see a Java based screen with logon / password, or CAC PIN.  Select the CAC PIN option.

CAC Readers:  With a variety of CAC readers available today there are also a variety of issues.  The SCR series of CAC readers work very well.  The SCR-331 reader may need a Firmware Update.  See several different models of  USB CAC readers here.  You will see a small note on some of the readers to show you how to make them compatible with your Mac.  Here is a web page that lists all known CAC readers and whether they are supported, should work, or unsupported with the Mac OS'.

HQDA Citrix access information for your Mac  How to guide

Outlook Web Access / Apps (OWA): The use of OWA on Mac currently has a known issue with time outs.  Beware that when using OWA on your Mac that if you are inactive on the primary window, e.g. the inbox, while replying to an email, your browser may time out.  On a Windows computer the ActivClient software  maintains communications with the server and re-requests validation of your credentials.  On a Mac this is not so, Safari will respond to a direct request for validation of your credentials, however it will not re-request that you verify as the server requires.  Be sure that prior to selecting the Send button that you copy your work to the clipboard as you will most likely have to restart Safari and log back in.  You also will not be able to digitally sign / encrypt / decrypt emails since the S/MIME software doesn't exist for a Mac.

Internet Explorer Emulation:  If you visit a website with your Mac that states it can only be accessed via Internet Explorer, or some web pages simply won't work while using your CAC with Safari, please try this:  Make sure your Mac is updated (like steps 1 & 2 below).  Open Safari, Click on the word Safari (in the bar at the top), select Preferences..., Advanced, click the Show Develop menu in menu bar box.  Close Advanced screen.  Now when you need to emulate IE, click on the word Develop (at the top), click User Agent, then select Internet Explorer 7 or 8.  This was received from the Air Force IMA JAGs.

Air Force Users look here for some helpful information

 Setting up your CAC for use on your Snow Leopard (10.6.x) Mac:

Download / Save this entire page as a PDF

Step 1: Update your system.  (10.6.8 is the last version of Snow Leopard)

Step 2: Plug in your CAC Reader to an available USB Port

Step 3: Click the Apple Icon in the upper left corner of your desktop and select "About This Mac"

Step 4: Click the "More Info" Button within the window that pops up. (This opens System Profiler)

Step 5: Within the "Hardware" Category select "USB." On the right side of the screen the window will display all hardware plugged into the USB ports on your Mac. You should see “Smart Card Reader.”  If the Smart Card reader is present, it is installed on your system, and no further hardware changes are required, e.g. additional drivers / Firmware upgrades.  You can now Quit System Profiler.  NOTE:  Please look at the Version:  If you are using an SCR-331 Reader with version 5.25, it should work fine.  If it is below 5.25, please update your firmware.

Step 6: Click: Go, Applications, Utilities, (click the little triangle to open it up), double click Keychain Access. 

NOTE:  If you don't see Go, click the finder icon  in your taskbar. Click Applications (under Places), Utilities, Keychain Access 

In Keychain Access, you should see your name with your EDI-PI after your last name.  You may also see CAC-XXXX-XXXX-XXXX, CAC-NG-...XXXX-XXXX-XXXX-XXXX, or PIV II