Centrify

Tips for finding Knowledge Articles

  • - Enter just a few key words related to your question or problem
  • - Add Key words to refine your search as necessary
  • - Do not use punctuation
  • - Search is not case sensitive
  • - Avoid non-descriptive filler words like "how", "the", "what", etc.
  • - If you do not find what you are looking for the first time,reduce the number of key words you enter and try searching again.
  • - Minimum supported Internet Explorer version is IE9
Home  >
article

KB-3531: PIV card cannot login after certificate renewal

Authentication Service ,   Mac & PC Management Service ,  

30 September,16 at 03:30 PM

Applies to:  All versions of Centrify DirectControl using smart cards

 
 

Question:

 AD users are able to authenticate and login with their PIV cards. When the certificate is renewed, the user can no longer login with the PIV card and the login shakes.

How can renewed certificates be re-accepted on the systems?

 
 

Answer:

Run the following commands to clear out any cached tokens:

 

sudo rm -rf /var/db/TokenCache/tokens

sudo mkdir /var/db/TokenCache/tokens

 

Remove and re-insert the card, the system should re-cache the certificates from the card with the updated information.

 

 

See the following KB for other smart card troubleshooting tips:

 

  • KB-3018: Troubleshooting smart card issues on Mac systems

 

Still have questions? Click here to log a technical support case, or collaborate with your peers in Centrify's Online Community.

Related Articles

 articleKB-1617: Troubleshooting smart card issues on Mac systems article[Labs] Using YubiKey (PIV or OATH OTP) to Secure Centrify Identity Service and Privilege Service articleKB-5316: How to configure smart card authentication for SSH from Mac to Linux articleKB-7555: Unable to login as root after upgrade to Centrify Suite 2016 (CDC 5.3.0) article[Howto] Set up Centrify Identity Service or Privilege Service for MFA using Smart Card article[Labs] New Series: Strong Authentication using Centrify/MS PKI/OATH for Servers, Apps, SAPM/PSM article[Labs] Using Centrify+Yubikey for Strong Authentication for Windows Access and Privilege Elevation article[Labs] Using Centrify+AD+YubiKey to secure UNIX/Linux access with Strong Authentication articleKB-3925: How to add Centrify parameter to a group policy