El Capitan 10.11.4 unable to see smartcard

Starting with 10.11.4, my military CAC card cannot be seen by either Keychain Access or pcsctest (SCardGetStatusChange hangs). Rolling back to 10.11.3 works. System Report says the USB card reader is there. I've removed all CAC related software, rebooted, installed CAC related software, rebooted, all to no avail.


Does anyone have a workaround or a clue as to what is the issue?

Replies

I had this same problem as well after updating to 10.11.4. Try installing scmccid_mac_5.0.35.zip if you have a SCM reader. This worked for me.

Seeing what appears to be same issue: 16 Macs (two MacBook Pros, iMacs, one Mac mini) upgraded to 10.11.4. On five of them, CAC loginwindow does not appear, the USB card reader's LED never lights up. Middleware appears to be functioning normally. MacBook Pros were early adopters and not afflicted. CAC not seen in Keychain Access.app.

Sending "system_profiler SPUSBDataType" via ARD shows response with following:

SCR33xx v2.0 USB SC Reader:
  Product ID: 0x5116
  Vendor ID: 0x04e6 (Shuttle Technology)
  Version: 3.04
  Speed: Up to 12 Mb/sec
  Manufacturer: SCM Microsystems
  Location ID: 0x1d100000 / 1
  Current Available (mA): 1000
  Current Required (mA): 100
  Extra Operating Current (mA): 0


Restarting the Mac, switching USB ports, all fail to resolve the issue. At first the failed Macs all shared the same make/model card reader, but now it doesn't appear relevant.


Submitted bugreport #25416818

I give up, why does this work? I do have an SCM reader. What magic beans are in this that are not in /Library/Security/tokend/PKCS11.token which is what the CAC installer CACKey_0.7.5_Slandup.pkg (from the military CAC site) installs (among a few other things)?


I see its documentation readme, but I'm left mystified why this is the proper fix? How did you determine this was the install fix? Other than it works for you?


I tried it on a beater Mac. I recreated the usual setup using CACKey_0.7.5_Slandup.pkg, observed the system fail to see my CAC card through Keychain Access and pcsctest failed. I installed the installer at scmccid_mac_5.0.35.zip. After a reboot, I can now use Keychain Access to see the card, and pcsctest works.


I do not understand why this alternate way works other than 10.11.4 must bypass /Library/Security/tokend/ in looking for a driver. Thanx for your help.

Have you tried PKard from Thursby?


I wasn't able to get my PIV working on Yosemite either - I had to use a Windows VM to use credentials.

They updated the ccid driver in minor releases, and in some cases the symlink gets broken:


ls -l /usr/libexec/SmartCardServices/drivers/ifd-ccid.bundle/Contents/MacOS/
libccid.dylib@ -> libccid.dylib.1.4.14
libccid.dylib.1.4.14*
libccid.dylib.1.4.20*
libccid.dylib.1.4.21*


To work around the issue:

sudo mkdir -p /usr/local/libexec/SmartCardServices/drivers/
sudo cp -r /usr/libexec/SmartCardServices/drivers/ifd-ccid.bundle /usr/local/libexec/SmartCardServices/drivers/
sudo ln -sf libccid.dylib.1.4.21 /usr/local/libexec/SmartCardServices/drivers/ifd-ccid.bundle/Contents/MacOS/libccid.dylib

restart

I have the exact same issue. Upgraded to 10.11.4 and the light on my SCR3310 reader would not even light up. Visible under System Report but not in the Keychain.


I'm hesitant to use any workaround...hopefully Apple fixes this soon.

This issue appears to have been resolved in 10.11.5.

In my case - it was working in 10.11.4, but got screwed up in 10.11.5. However the fix proposed by @Metsma above (Apr 7, 2016) saved the day. Now Keychain Access recognizes the tokens again.


Here's the content of /usr/libexec/SmartCardServices/drivers/ifd-ccid.bundle/Contents/MacOS/


ll /usr/libexec/SmartCardServices/drivers/ifd-ccid.bundle/Contents/MacOS/
total 344
drwxr-xr-x  5 root  wheel     170 Mar 22 08:49 ./
drwxr-xr-x  5 root  wheel     170 Mar 22 08:49 ../
lrwxr-xr-x  1 root  wheel      20 Dec 10 21:06 libccid.dylib@ -> libccid.dylib.1.4.20
-rwxr-xr-x  1 root  wheel  166096 Dec  3 01:32 libccid.dylib.1.4.20*
-rwxr-xr-x  1 root  wheel  166096 Mar 12 03:30 libccid.dylib.1.4.21*


Adding the symlink to libccid.dylib.1.4.21 in /usr/local/... alleviated the problem.
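
The replies above trace the failure to where libccid.dylib points inside the CCID driver bundle. As an added example (not code from any poster or from Apple), this read-only shell check reports whether that symlink targets the newest versioned library beside it. The function names and status words are made up for illustration, and treating the newest library as the right target is an assumption drawn from the listings in the thread.

```shell
#!/bin/sh
# Added example: report whether libccid.dylib in a CCID driver bundle points
# at the newest versioned library next to it. Read-only; changes nothing.

# System bundle path as quoted in the thread.
CCID_DIR_DEFAULT=/usr/libexec/SmartCardServices/drivers/ifd-ccid.bundle/Contents/MacOS

# newest_ccid DIR -> prints the highest libccid.dylib.X.Y.Z file name in DIR
newest_ccid() {
    for f in "$1"/libccid.dylib.[0-9]*; do
        # Count only real files, never the symlink itself.
        [ -f "$f" ] && [ ! -L "$f" ] || continue
        printf '%s\n' "${f##*/libccid.dylib.}"
    done |
        # Numeric sort per version field, so 1.4.9 sorts below 1.4.14.
        sort -t. -k1,1n -k2,2n -k3,3n | tail -n 1 | sed 's/^/libccid.dylib./'
}

# ccid_link_status [DIR] -> prints one of (hypothetical status words):
#   ok <target> | stale <target> <newest> | broken <target> | nolink
# Returns 0 only for "ok".
ccid_link_status() {
    dir=${1:-$CCID_DIR_DEFAULT}
    link=$dir/libccid.dylib
    [ -L "$link" ] || { echo "nolink"; return 1; }
    target=$(readlink "$link")
    # A relative target is resolved against the bundle directory.
    case $target in
        /*) path=$target ;;
        *)  path=$dir/$target ;;
    esac
    [ -e "$path" ] || { echo "broken $target"; return 1; }
    newest=$(newest_ccid "$dir")
    if [ "${target##*/}" = "$newest" ]; then
        echo "ok $target"
    else
        echo "stale $target $newest"
        return 1
    fi
}
```

Source the file and call ccid_link_status with no argument to check the system bundle, or pass the /usr/local/... MacOS directory to check a copied bundle.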