This guide is for you if:
- You have a smart card reader and (universal) electronic signature bought from InfoNotary (can be a different company, hardware, etc – just change the necessary steps), you are using Mac OS X, and want to do some e-banking because you value your time and prefer to cut your wrists instead of physically visiting a bank in BG to do any kind of work.
- You haven’t set up e-banking under Mac OS before OR you did set it up but then you decided to upgrade to Mountain Lion (OS X 10.8) because it is simply better.
Follow these steps:
- Download the smart card reader driver. Note I personally own ACR38T USB dongle, so I used:
wget http://repository.infonotary.com/install/mac/OpenSC-0.12.2-10.7.dmg
Run pcsctest from the terminal to check your exact card reader model, find, and install the relevant driver for it – check this link for additional smart card readers and drivers. - Install the dmg – in the window opened, you will see OpenSC-0.12.2-10.6.pkg.
- Under Mountain Lion only, you have to hit Ctrl + Open because InfoNotary is an unidentified developer to Apple – GateKeeper will not let you install it otherwise.
- Under Mountain Lion only, you will notice the pkg install will fail because of a version check (checks for 10.6, works on 10.7, but not 10.8). Do the following:
- $ cp -rf /Volumes/OpenSC-0.12.2-10.7/OpenSC-0.12.2-10.6.pkg ~/Desktop
- $ vim ~/Desktop/OpenSC-0.12.2-10.6.pkg/Contents/Resources/InstallationCheck
- Comment out the following three lines (Perl comments are done with #):
if(CheckVersion(“$SYSTEM_VERS”, “10.7.9”, “ProductVersion”, “>”)) {
$EXIT_VALUE = ((1 << 6) | ( 1 << 5 ) | 18 );
last;
} - Save and install the modified pkg – this time it should pass successfully.
- Check the pcscd daemon, should run as root:
$ ps aux | grep pcscd | grep -v ‘grep pcscd’
root 36 0.0 0.0 625420 1968 ?? S 10:33PM 0:03.92 /usr/sbin/pcscd -f - Run the following commands:
- $ /Library/OpenSC/bin/opensc-tool -l # shows the connected card readers
- $ /Library/OpenSC/bin/opensc-tool -n # shows if your smart card reader has been correctly identified.
- Under Mountain Lion only, If you get the below error when running those commands:
dyld: Library not loaded: /usr/lib/libltdl.7.dylib
Referenced from: /Library/OpenSC/bin/opensc-tool
Reason: image not found
Trace/BPT trap: 5
You need to install the missing library libtool:
brew install libtool
brew link libtool
If you don’t know what HomeBrew is, shoot yourself in the head…or at least read and follow this guide to install it. - When the missing libtool is taken care of, restart your Mac or better execute:
sudo killall pcscd
sudo /usr/sbin/pcscd -f & - Do some sanity checks:
opensc-tool -l # should see your card reader listed here, e.g. “Detected readers (pcsc) 0 Yes ACS ACR 38U-CCID 00 00”
opensc-tool -n # should see a message about correct identification of your card reader, e.g. “Using reader with a card: ACS ACR 38U-CCID 00 00 CardOS M4”
pkcs15-tool -D # see the objects on the actual smart card e.g. info about public RSA key, X.509 certificate, PIN, etc
pkcs11-tool -lt —module opensc-pkcs11.so # check if your electronic signature works correctly, will ask for PIN - Once everything with the smart card reader is OK, you want to configure Firefox to use the new OpenSC PKCS#11 module. There is a working (!!!) Firefox plugin for that available, so check it out. Previous years we had to do manual config e.g. under Linux.
- Finally, open the Infonotary test site. You should get something like this:
Вашият КЕП от InfoNotary работи коректно!
Your digital certificate from InfoNotary works fine! - Open the e-banking website for your bank (e.g. FIB) and your SSL certificate should be installed (disconnect the smart card reader and it is gone as it should be). Happily do some e-banking and do not
forget my IBAN is BG39FINV91501000117730. I also drink beer :)