A few weeks ago I needed to do some paperwork with the administration and I wanted to avoid queues and do it from home. As I had an expired DNIe certificate, I went to the police station to renew it but, for whatever reason, my DNIe chip was defective and could not be used. So until today that I haven’t renewed it I haven’t been able to configure everything and use it.
As I know from my own experience that making the DNIe work on Mac can be an odyssey we have followed the guide of our colleague Eugenio on how to install the DNIe in the easiest way possible and that it really works. Until today I have never managed to make it work.
Obviously before we start we will need to have the following installed on our Mac. For reference I have made it work on OS X Mavericks 10.9.2 without any problem.
- Firefox. The first thing will be the Firefox browser that we can download from Mozila’s official website. In Mac these certificates can only be installed in Firefox, so if we want to do procedures with our DNIe we will have to install it whether we want or not. I have left it installed but without being the main browser. By the way, both the 32-bit and 64-bit versions work.
- Software for the DNIe. After having installed Firefox, it is necessary to install the driver for the DNIe. It is as simple as going to the Ministry’s website and downloading the file opensc.dnie-18.104.22.168.dmg. We open it, install it step by step and that’s it. I probably got an error at first because Firefox had not finished installing.
- The hardware. Of course we will need a smart card reader compatible with eID certificates. In principle there is no need to install any CD or anything. This would overwrite the drivers we have already installed. To know if it works you only have to connect the USB with the card inserted: if the LED blinks it means that it is trying to read, everything is correct.
If we have ever tried to do an installation and it didn’t work for us then it is best to remove all trace of previous installations. If this is the first time we’ve done this we can move on to the next section.
The first thing to do is open the Terminal – inside Applications, Utilities – and enable the superuser or the root with the command dsenableroot. This will prompt us for our user account password and the root which we can set as we like. If we don’t know what we are installing it is best to execute all the commands.
sudo LibraryOpenSCbindnie-uninstallsudo rm vardbreceipts*dni*
This will remove the drivers from the eID. The following will uninstall the drivers from the reader.sudo LibraryOpenSCbinopensc-uninstallsudo usrlocalbinopensc-uninstall
Finally disable the root account again with the dsenableroot -d command. Now we have everything cleared up to start with the requirements above: Firefox and the driver .
The first thing will be to install the root certificate of the DNIe in Firefox. We go to the Firefox preferences , in the Advanced section within the Certificates tab and click on the View Certificates button. Now we're going to import the certificate we installed earlier.
In this window we must click on the Import... button and search in the following path Macintosh HD> Library> OpenSCDNIe> share> ac_raiz_dnie.crt the certificate in question and check all three boxes as in the image. Now we have the root certificate in Firefox. The next thing is to install the reader module.
Close the certificate window and open the Security devices window and click on the Load... button to load the PKCS device