CAC Middleware Options

CAC middleware creates the bridge between your smart card reader hardware and the applications that need to read your CAC certificates. Understanding your options helps you choose the right solution.

What Is CAC Middleware?

Middleware is software that translates communication between your CAC reader and applications like web browsers and email clients. It handles certificate retrieval, PIN validation, and cryptographic operations on your behalf.

ActivClient

ActivClient is the most widely deployed CAC middleware in government environments:

• Full PKCS#11 support for all browsers
• Certificate management tools
• PIN caching and management
• Available through enterprise licensing

ActivClient is typically provided by your organization’s IT department rather than purchased individually.

OpenSC (Open Source)

OpenSC is a free, open-source middleware option:

• Works on Windows, Mac, and Linux
• PKCS#11 module for Firefox and other applications
• Command-line tools for certificate management
• Community-supported with active development

Download OpenSC from github.com/OpenSC/OpenSC

90Meter (Mac)

90Meter is designed specifically for macOS users:

• Lightweight installation
• Integrates with macOS Keychain
• Supports older Mac hardware
• Available from militarycac.com

Windows Native Support

Windows 10 and 11 include built-in smart card support through the Microsoft Base Smart Card Crypto Provider. For basic CAC authentication, you may not need additional middleware at all. However, some organizations require ActivClient for additional features.

Choosing the Right Option

• Enterprise users: Use whatever your IT department provides (usually ActivClient)
• Personal Mac: Try native support first, add 90Meter if needed
• Linux users: OpenSC is your primary option
• Windows home users: Native support often works, OpenSC as backup