Tips for finding Knowledge Articles

  • - Enter just a few key words related to your question or problem
  • - Add Key words to refine your search as necessary
  • - Do not use punctuation
  • - Search is not case sensitive
  • - Avoid non-descriptive filler words like "how", "the", "what", etc.
  • - If you do not find what you are looking for the first time,reduce the number of key words you enter and try searching again.
  • - Minimum supported Internet Explorer version is IE9
Home  >

KB-3531: PIV card cannot login after certificate renewal

Authentication Service ,   Mac & PC Management Service ,  

30 September,16 at 03:30 PM

Applies to:  All versions of Centrify DirectControl using smart cards



 AD users are able to authenticate and login with their PIV cards. When the certificate is renewed, the user can no longer login with the PIV card and the login shakes.

How can renewed certificates be re-accepted on the systems?



Run the following commands to clear out any cached tokens:


sudo rm -rf /var/db/TokenCache/tokens

sudo mkdir /var/db/TokenCache/tokens


Remove and re-insert the card, the system should re-cache the certificates from the card with the updated information.



See the following KB for other smart card troubleshooting tips:


  • KB-3018: Troubleshooting smart card issues on Mac systems