Re: Enroll certificate on a Smart Card

From: Eddy Koller [MS] (ek107129@hotmail.com)
Date: 02/13/03 

From: "Eddy Koller [MS]" <ek107129@hotmail.com>
Date: Wed, 12 Feb 2003 19:20:18 -0800

What certificate template are you using?
Try to use a V2 template, which specifies "Request can use any CSP available
on the subject's computer"

For this,
 - duplicate the Smartcard Logon template,
 - change the new created template to use any available CSP
 - Configure the CA to issue certificates based on your new created template

>From the smartcard enrollment station, select the new created template.

Please let me know if that helps. 

-- 
Eddy Koller [MS]
This posting is provided "AS IS" with no warranties, and confers no rights.
Use of included script samples, if any, are subject to the terms specified
at http://www.microsoft.com/info/cpyright.htm
"Cranky" <crankykong21@hotmail.com> wrote in message
news:65bc07bd.0302120314.5203ac7e@posting.google.com...
> Hello,
>
> I would like to use Smard Card for interactive logon.
>
> So I have set up and configure a enterprise CA, install my Smard Card
> Reader (ACR 30U from ACS)
>
> So I go the the Smart Card Enrollment Station to request my
> certificate.
> But in the list with the different Cryptographic Service Provider, I
> have only the choice between :
> Gemplus GemSAFE Card CSP 1.0
> Schlumberger Cryptographic Service Provider
>
> But the card that I receive from ACS are ACOS1 Smart Card
>
> So I try to enroll with both CSP in the list but I have always the
> same message :
> "An unexpected error ocured. Error: Please insert the user's Smart
> Card"
>
> but the card is in the reader...
>
> So what can I do ?
> Can I use the Gemplus CSP or the Schlumbergere CSP with ACOS1 Smart
> Card ?
>
>
> Thanks a lot

Relevant Pages

  • Re: Enroll certificate on a Smart Card
    ... You will need to install the CSP software from your card vendor before this ... > I have try with SmartCard Logon and SmartCard User template and I ... > Windows Server 2003 family and Windows XP ...
    (microsoft.public.win2000.security)
  • Re: Windows logon through smart card.
    ... The card vendor should have a CSP ... You are correct that the certificate is stored only on the smart card. ...
    (microsoft.public.platformsdk.security)
  • Re: Smartcard Issue in 2003?
    ... is the CSP installed on the web server? ... the web enrollment agent is the enrollment agent template, ... > Sorry for all my questions, but i have really problems with understanding> all the "undocumented implicit actions" taken when changing the certificate> templates. ... > (as far as i have seen, the default, grayed out template are allways used> anyway, and only the three default smartcard csp's can be choosen, even> though the template says "any CSP")> ...
    (microsoft.public.platformsdk.security)
  • Re: Enroll certificate on a Smart Card
    ... I have try with SmartCard Logon and SmartCard User template and I ... Please insert the user's Smart Card") ... > - change the new created template to use any available CSP ...
    (microsoft.public.win2000.security)
  • Re: Smart card enrollment issues
    ... On the enrollment station: I use the Certificates mmc snap in, and similarily choose "enroll certificate on behalf of anoher user. ... I have duplicated the "smart card logon" template, that template is not available from the enrollment station. ...
    (microsoft.public.windows.server.security)