Reset Search
 

 

Article

KB44283 - Pulse Client : Unable to read certificates from smart card into mac key-chain on Catalina

« Go Back

Information

 
Last Modified Date10/8/2019 10:35 AM
Synopsis
This article describes an issue where Pulse client is unable to read certificates from smart card into mac key-chain on Catalina
Problem or Goal

Due to failure in recognizing the smart card certificate under "key Chain Access", pulse client is failing to establish tunnel.
Cause
This is due to the changes that Apple has brought in. The following link details regarding Catalina specific changes for smartcard - HT210541
 
Apple has changed the existing framework and mandated to use cryptotokenkit framework instead of TokenD which was used until Mojave release. The driver support  to read certificates from smart card  is provided by third party packages. However with Catalina, these are broken as none of the software providers are supporting it.

Of the two flavors of smart card – PIV based and CAC based, Apple has very recently provided drivers for PIV based smart card. Pulse Secure is working on supporting the same on priority and will update the KB once we have an ETA on the release which will have the support.

However so far none of the third party software's currently support CAC based smart card on Catalina. We are constantly monitoring the developments in open source community and will incorporate changes to our code to support CAC based smart cards as and when its available.
 
Solution
Related Links
Attachment 1 
Created Byjai laisram

Feedback

 

Was this article helpful?


   

Feedback

Please tell us how we can make this article more useful.

Characters Remaining: 255