Tips for finding Knowledge Articles

  • - Enter just a few key words related to your question or problem
  • - Add Key words to refine your search as necessary
  • - Do not use punctuation
  • - Search is not case sensitive
  • - Avoid non-descriptive filler words like "how", "the", "what", etc.
  • - If you do not find what you are looking for the first time,reduce the number of key words you enter and try searching again.
  • - Minimum supported Internet Explorer version is IE9
Home  >
article

KB-3531: PIV card cannot login after certificate renewal

Centrify DirectControl ,   Centrify Identity Service, Mac Edition ,  

30 September,16 at 03:30 PM

Applies to:  All versions of Centrify DirectControl using smart cards

 
 

Question:

 AD users are able to authenticate and login with their PIV cards. When the certificate is renewed, the user can no longer login with the PIV card and the login shakes.

How can renewed certificates be re-accepted on the systems?

 
 

Answer:

Run the following commands to clear out any cached tokens:

 

sudo rm -rf /var/db/TokenCache/tokens

sudo mkdir /var/db/TokenCache/tokens

 

Remove and re-insert the card, the system should re-cache the certificates from the card with the updated information.

 

 

See the following KB for other smart card troubleshooting tips:

 

  • KB-3018: Troubleshooting smart card issues on Mac systems

 

Still have questions? Click here to log a technical support case, or collaborate with your peers in Centrify's Online Community.