APPLE COMPUTER - HOW TO CLEAR THE LOGIN SECTION OF KEYCHAIN
If you have problems accessing websites with your CAC please try the following ideas.
Ideas 1-3 are for Safari users
Idea #1: Manually delete the websites you are having problems accessing.
This can also help if you lost access [for no apparent reason] to any sites you use your CAC on.
Step 1-1: Click: Go (top of screen), Utilities, double click Keychain Access.app
(You can also type: keychain access using Spotlight (this is my preferred method))
Step 1-2: Select login (under Keychains), and All Items (under Category) see image below. You will see all items that are being saved in your Keychain Access. These can include your Airport password for your home Wi-Fi network and / or CAC websites / Identity preferences that you have visited and used your CAC on previously.
Step 1-3: Click the column heading titled Kind, scroll down to Identity preference, Delete all CAC enabled websites you are having problems accessing. You can hold your control key and click your single button Mac mouse and select Delete, or if you have a two button mouse right click and select Delete.
Example of mail.mil entries to remove. You will see something different than "mont."
NOTE: Yours will probably have a red circle with a white X
Some of the same "bad certs" that have caused problems for Windows users are now showing up in the keychain access section on Macs.
If you see them, delete them
Once all mentioned certs above are deleted, close keychain
Step 1-4: Remove CAC from reader, then reinsert it.
Step 1-5: Clear your web browser history, then revisit the CAC website you were having problems accessing.
Step 1-5a: Click on the word Safari, then Clear History...
Step 1-5b: Make sure all history is selected in the Clear (box), then select the Clear History (button) select the Clear History (button)
NOTE: If you accidently delete the login folder rather than the items inside it, you can restore it by navigating to /users/<username>/library/keychains/login.keychain and double clicking it.
Solution found at: http://discussions.apple.com/thread/1948993?threadID=1948993
Idea #2: You may have a corrupt preference.
Open Safari, click the word Safari, Reset Safari... this will clear out cached pages
Further ideas can be seen on Apple Support
Idea #3: Clearing the old certificates (after receiving a new CAC)
The Mac OS will cache some information about your CAC in
order to read the data faster the next time it's being used on your
computer. Sometimes this cache can cause issues after receiving a new
ID card. Thursby's suggestion is that you remove your card from the
reader if its present, download the utility from the link below, then
run the app for "if you have received a new card or new certs." This
will clear all of the token cache information by running a Terminal
command. Also, there will not be a completion dialog, and at most
you may be prompted to type in your computer password.
If you feel comfortable using command line, you can Run in Terminal.app:
sudo rm -rf /var/db/TokenCache/tokens/
Instructions "borrowed" from this page
Firefox does not use the keychain access, it stores the files within the web browser. Here is how to clear them:
1. Select the 3 equal lines in the upper right corner of your web browser.
2. Select: Preferences
3. Select: Advanced
4. Select: Certificates
5. Select: View Certificates
6. Select: Servers
7. Scroll down to: U.S. Government
8. Select the certificates you want removed, then click Delete...
If you are still having problems, contact us
The four current CAC "models" are: "GEMALTO TOP DL GX4 144", "GEMALTO DLGX4-A 144", "G&D FIPS 201 SCE 3.2," and Oberthur ID One 128 v5.5 Dual."
You can verify by looking on the back of your ID card above the black magnetic strip for either of these:
You may also visit the individual pages for each version of OS X supported via this website:
If you have questions or suggestions for this site, contact Michael J. Danberry
Are you interested in subscribing to the CACNews email list?
Last Update or Review: Tuesday, 19 July 2016 22:13 hrs
The following domain names all resolve to the same website: ChiefsCACSite.com, CommonAccessCard.us, CommonAccessCard.info, ChiefGeek.us, and MilCAC.us