Configuring a client to support Smart Card and certificate login

Client machines require middleware and modifications to browsers to enable the use of Smart Cards and for certificate login. Customers who are already using Smart Cards should not require additional modifications to their client machines.

About this task

The following are the common client configuration requirements:

Installing Smart Card middleware, such as ActivClient (see http://militarycac.com/activclient.htm)
Modifying the IE browser (see http://militarycac.com/files/Making_AKO_work_with_Internet_Explorer_color.pdf)
Modifying the Firefox browser (see https://militarycac.com/firefox2.htm)

Additional configuration steps include the following:

Steps

Disable unnecessary dialog pop-ups when launching the Java client:
1. Open the "Java" control panel.
2. Select the "Advanced" tab.
3. Select "Advanced Security Settings".
4. Clear the "Use certificates and keys in browser keystore" option.
Import soft certificates into a user's personal certificates using the Chrome browser:
1. Navigate to "Advanced Settings".
2. Select "Manage Certificates"
3. Select the "Personal" certificates tab".
4. Select "Import...".
5. Choose the .p12 file.
6. Complete the wizard, making sure to fill in the password field with the password that was used to create the certificate.
Similar steps are required to configure the Internet Explorer and Firefox browsers.