[RESOLVED]Cannot access Navy Medical OWA

CAC access to secure web sites for Mac OS
Locked
artagel
Posts: 4
Joined: Mon Mar 14, 2011 1:28 am

[RESOLVED]Cannot access Navy Medical OWA

Post by artagel » Mon Mar 14, 2011 1:31 am

Hi,
I've been trying to access the navy medical OWA which is one of the bookmarks listed when pkard is installed. I checked to ensure it's the right url(https://sscc-fe-03.med.navy.mil/EXCHANGE). I also made sure it was added to my certificates in keychain.
Other webpages typically query me for my cac pin first, and then let me select the cert, but in this website's case it just queries for the cert immediately never asking for the pin.
Every cert i pick returns:

The page cannot be displayed

Explanation: The client certificate used to establish the SSL connection with the ISA Server computer is not from a trusted certificate authority (CA).
Try the following:

Select another certificate: Close all browser windows, open the web site again and select another SSL client certificate. If you are using a smart card, you will need to insert your smart card to select an appropriate certificate.
Technical Information (for support personnel)

Error code: 12221

Any ideas?
Last edited by artagel on Thu Mar 17, 2011 1:30 am, edited 1 time in total.

tony
Posts: 29
Joined: Thu Feb 24, 2011 10:06 am

Re: Cannot access Navy Medical OWA

Post by tony » Mon Mar 14, 2011 9:41 am

Did you close Safari by actually choosing File-->Quit? Just closing the Safari window does not quit the application as with Windows applications.

artagel
Posts: 4
Joined: Mon Mar 14, 2011 1:28 am

Re: Cannot access Navy Medical OWA

Post by artagel » Mon Mar 14, 2011 10:02 am

Well I right clicked safari and quit, but yes, I quit it all the way. If I didn't it wouldn't ask me to pick the cert again when trying to access the page.

tony
Posts: 29
Joined: Thu Feb 24, 2011 10:06 am

Re: Cannot access Navy Medical OWA

Post by tony » Mon Mar 14, 2011 4:37 pm

We are currently researching the problem. We will to get back with you as soon as possible.

tony
Posts: 29
Joined: Thu Feb 24, 2011 10:06 am

Re: Cannot access Navy Medical OWA

Post by tony » Tue Mar 15, 2011 10:28 am

Judging by the error message received, your proxy server does not recognize the chain of authority that signs the certificate on your CAC. Have your CAC issuing personnel (or their tech support) contact those responsible for configuring the proxy server to help them configure it to trust their certificate authority. ISA is Microsoft's Internet Security and Acceleration server.

artagel
Posts: 4
Joined: Mon Mar 14, 2011 1:28 am

Re: Cannot access Navy Medical OWA

Post by artagel » Wed Mar 16, 2011 12:49 am

I don't think that is the problem.
1. I am using this at home, on my mac, without a proxy server.
2. On my parallels on the same machine I can get to the server fine and authenticate and login. So i know it's not my internet connection or any kind of 'forced' proxying in the middle.

Any other ideas?
-Dan

tony
Posts: 29
Joined: Thu Feb 24, 2011 10:06 am

Re: Cannot access Navy Medical OWA

Post by tony » Wed Mar 16, 2011 11:44 am

As a test, go to Accounts in System Preferences and set up a new test login account on the Mac with administrator privileges. Then log into that account, run the PKard Assistant (in /Library/Application Support/PKard/ folder), then Safari. Let us know what happens.

artagel
Posts: 4
Joined: Mon Mar 14, 2011 1:28 am

Re: Cannot access Navy Medical OWA

Post by artagel » Thu Mar 17, 2011 1:29 am

Hi,
I created the test account and it did work.
So I went into my keys, deleted any certificate with my name on it and also all the identify preferences and ran the assistant again. After that I was able to access the site normally.
Thanks,
-Dan

Locked