These are the installers for the larger Smart Card Services project as well as smaller specific installers for individual components, for various macOS releases as noted.
These are forward thinking (and sometimes unstable) services and enhancements that are not supported by Apple’s customer support division, AppleCare, so please do not call them if you are using anything from this site. If you absolutely must receive AppleCare support, it is highly suggested you do not use any of the installers or instructions posted to this project.
If you experience any issues or have questions pertaining to their installation or use, please post that to the relevant Smart Card Services mailing lists. Members of the mailing lists will make every attempt to assist you, but that too is not a replacement for a support contract.
Note: Starting with the October 1, 2015 release of the installer for macOS El Capitan v10.11, we will be signing the installers and TokenD bundles for integrity assurance. The installer will be recognized and install properly with Gatekeeper set to default or higher and are installed in a new location (/Library/Security/tokend) to work with System Integrity Protection (SIP) enabled on El Capitan or later. Installers for older versions of macOS have been re-posted, incremented to v2.1.2, and digitally signed. The installation location remains as they were on those OS releases.
|SHA-256 Hash of .zip File
|macOS Sierra v10.12
|macOS El Capitan v10.11
|macOS Yosemite v10.10
|macOS Mavericks v10.9
|macOS Mountain Lion v10.8
|macOS Lion v10.7
|macOS Snow Leopard v10.6
These installers provide the TokenD modules which no longer ship directly from Apple as part of macOS beginning with Lion v10.7. Note that these installers will only install onto the corresponding macOS version. The TokenD modules available for installation are: BELPIC, CAC, CACNG, JPKI and PIV, which have all been updated to build 50000 and bundle IDs of
org.macosforge.smartcardservices.tokend.<Token Type>. Previous bundle IDs were configured as
New to this release:
Security Update SCSSU-201401
CVE-2013-1867 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1867
Full Disclosure - http://seclists.org/fulldisclosure/2013/Mar/189
Bug Traq ID: 58618 - http://www.securityfocus.com/bid/58618
Installers updated to v2.0.1 to include an updated JPKI.tokend due to build configuration errors specific to this TokenD. The previous JPKI.token provided in installer v2.0 will fail operational testing and use, so please replace it immediately. If you experience any failure in replacing the previously installed JPKI.tokend, please execute the following command, requiring admin privileges, to remove the currently installed TokenD and re-run the installer:
rm -R /System/Library/Security/tokend/JPKI.tokend
None at this time
CAC-NG 1.0 shipped in macOS Snow Leopard v10.6.7 and is no longer available as a beta.
OS Requirement: macOS Snow Leopard v10.6.0–10.6.6
This build supports the Gemalto TOPDLGX4 144 cards, but does not yet support the Oberthur ID One 128 v5.5 Dual card. Subsequent builds will provide support needed for the Oberthur card. If you attempt to access this newer Oberthur card, it will be picked up by the original CAC.tokend and will show no certs/keys within Keychain Access, indicating a lack of support.
OS Requirement: macOS Leopard v10.5.6–10.5.8
SHA-1 Hash: bfa96cccd380b54fbb81dada44897c5d0ff5fa39
All issues reported with the previous installers (v.90 & v.95) have now been fixed!
The Smart Card Services project team is pleased to provide access to the BETA for CAC Next Generation (a.k.a. CAC-NG) TokenD support for macOS Leopard v10.5. Support for Snow Leopard is forthcoming, but you can proceed to test with your macOS 10.5.6+ machines with this installation.
OS Requirement: macOS Tiger v10.4
SHA-1 Hash: 231e7c1999ab4fc9cc134b99d4227801eba14e07
This is an AppleScript tool which allows you to set an Identity Preference for mapping a URI (e.g. URL or email address) to one of multiple valid certificates. Beginning with macOS Leopard v10.5.0, this capability was built into the Keychain Access utility, so this tool is not necessary if you are running Leopard or later.