Certificate for Smart Card User

Discussion in 'Software' started by Jacek Jurkowski, Sep 3, 2008.

  1. I installed Microsoft CA on Windows Server 2008,
    configured it properly to issue a Certificates for
    SmartCard Users. Everything works fine. Im
    requesting certificate from my computer using
    SmartCardUser certificate and its issued to me by CA
    and installed in local store. But how in the name of Lord can i
    download that certificate into a smart card? Its
    private key isn't exportable so i cannot import it
    into my Alladin Token. The only way i figured out
    is to create a new CA template based on SmartCardUser,
    mark its private key as exportable. Certificate issued
    that way works fine and my Alladin can import it but
    i think it should be less complicated. Why Windows
    (Vista) doesnt allow to save certificate to a token during
    enrollment process and stores it automatically in
    local store?



    --
    ------------------------------------------
    Jacek Jurkowski - Datacomp
     
  2. On Wed, 3 Sep 2008 11:26:11 +0200, Jacek Jurkowski wrote:

    > I installed Microsoft CA on Windows Server 2008,
    > configured it properly to issue a Certificates for
    > SmartCard Users. Everything works fine. Im
    > requesting certificate from my computer using
    > SmartCardUser certificate and its issued to me by CA
    > and installed in local store. But how in the name of Lord can i
    > download that certificate into a smart card? Its
    > private key isn't exportable so i cannot import it
    > into my Alladin Token. The only way i figured out
    > is to create a new CA template based on SmartCardUser,
    > mark its private key as exportable. Certificate issued
    > that way works fine and my Alladin can import it but
    > i think it should be less complicated. Why Windows
    > (Vista) doesnt allow to save certificate to a token during
    > enrollment process and stores it automatically in
    > local store?


    You need to configure the template to use the CSP provided by Alladin.
    --
    Paul Adare
    MVP - Identity Lifecycle Manager
    http://www.identit.ca
    Every program in development at MIT expands until it can read mail.
     

Share This Page