How to setup DoD CAC support in Ubuntu 13.04

Forget what you heard. Setting up Ubuntu to use your Department of Defense (DoD) Common Access Card (CAC) doesn’t require installing several packages, a library that can only be obtained USING a CAC (like that ever made sense), installing tons of SSL certificates that are already expired, nor installing a Firefox plugin that spits out errors at you. Instead, just one line in Terminal and a quick setting change in Firefox. Let’s get to it!

Step 1

First we need to install pcscd and coolkey. pcscd is the software that helps connect to our card correctly, and coolkey is the library used for the cryptography side of things. In this case coolkey provides the public-key infrastructure (PKI) for us. To install pcscd and coolkey, simple type in Terminal:

sudo apt-get install coolkey pcscd

Step 2

Once everything is installed, we just need to tell Firefox to use coolkey for our CAC. Open Firefox, go to the menu at the top and click Edit -> Preferences. In preferences, click Advanced, then the Encryption sub-tab. Click the Security Devices button.

In the window that opens up, called Device Manager, click the Load button on the right. For Module Name, type DoD CAC. Technically this can be anything, but put something descriptive. For Module filename, you have to tell Firefox where coolkey is installed. Click browse, click filesystem on the left. Coolkey is located at /usr/lib/pkcs11/libcoolkeypk11.so. Click okay, close out of everything, and restart Firefox.

You should now be able to log into any site that requires a CAC with Firefox on Ubuntu.