Smart Card Certificate Logon and Smart Card Wireless EAP-TLS
From: erha (rudy_at_guardmydata.com)
Date: 05/19/05
- Next message: Rhett Gong [MSFT]: "RE: Renaming Domain Controllers within w2k3 Active directory..."
- Previous message: Shawn Corey [MSFT]: "Re: CAPICOM signing problem"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 19 May 2005 09:39:11 +0800
Hi all,
I have post this problem before. Since there is no reply, I will try to
re-phrase my problem.
Here is the question:
Is there anybody out there succesfully implement Smart Card Certificate
Logon and Smart Card Wireless EAP-TLS together ?
The Wireless EAP-TLS do not allow 'Smart Card Logon' on the Extended Key
Usage.
When Smart Card Logon appears on the Certificate EKU, the Wireless EAP-TLS
will failed.
So I assume we cannot use the same Certificate for the Certificate Logon and
Wireless EAP-TLS.
And I can create two different certificates for this two process.
BUT here is the problem ....
Both Smart Card Certificate Logon and Smart Card Wireless EAP-TLS call my
CSP to query for default container.
Since now I used two different certificates for this two process, how can I
know which certificate I shall used when there is a query for default
continer ?
If I used the Certificate with 'Smart Card Logon' on the EKU, the Wireless
EAP-TLS will failed.
If I used the Certificate without 'Smart Card Logon' on the EKU, the
Certificate Logon will failed.
Can anybody from Microsoft clarify this ?
Have Microsoft test this scenario before ?
Thanks for any help.....
Rudy
- Next message: Rhett Gong [MSFT]: "RE: Renaming Domain Controllers within w2k3 Active directory..."
- Previous message: Shawn Corey [MSFT]: "Re: CAPICOM signing problem"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
