PKI User Certificate on Smart Card auto renewal ?

PKI User Certificate on Smart Card auto renewal ?
Secure Home | Search | About
Login Password
Register Now! Lost Password?
 Microsoft Applications Security    Post an article   get this group's latest topics as an RSS feed add this group's latest topics to your My MSN content add this group's latest topics to your My Yahoo content add this group's latest topics to your Google content
Subject Author Date
PKI User Certificate on Smart Card auto renewal ? booster 08-29-2007
Posted by =?Utf-8?B?Ym9vc3Rlcg==?= on August 29, 2007, 11:22 am
If you were  Registered and logged in, you could reply and use other advanced thread options
Hello

I'm using a Enterprise issuing CA with an enrollment Station to issue smart
card certificate on behalf of users.

everything works fine.

now i'm not sure how to enable and configure the environment to make an
automatically renewal of the certificate on the smart card, without the user
visiting the Enrollment Agent.

Is it only necessary in the template, or do i have to configure a group
policy to initiate the renewal proces`s ?

Thanks,
--
~~~~~~~~~~~~~~~~~~~~
..is an MCSE 2003 and MCDBA
~~~~~~~~~~~~~~~~~~~~


Posted by Saurav Sinha [MSFT] on August 30, 2007, 2:34 pm
If you were  Registered and logged in, you could reply and use other advanced thread options
If Auto-enrollment is configured then in the template of the smartcard
certificate go to the "Issuance Requirements" tab and ensure "Valid Existing
certificate" radio button is checked for "require the following for
reenrollment" option.
Also you must have inserted the smart card into a reader attached to the
machine at least once for the certificate to be propagated to the store in
the machine


Posted by =?Utf-8?B?Ym9vc3Rlcg==?= on August 31, 2007, 2:08 am
If you were  Registered and logged in, you could reply and use other advanced thread options
Thank you, so no group policy settings are required, is that right ?
The certificate check is to ensure that the user has at least 1 issued
certificate from the enrollment agent.

I will try that.


--
~~~~~~~~~~~~~~~~~~~~
..is an MCSE 2003 and MCDBA
~~~~~~~~~~~~~~~~~~~~



"Saurav Sinha [MSFT]" wrote:

> If Auto-enrollment is configured then in the template of the smartcard
> certificate go to the "Issuance Requirements" tab and ensure "Valid Existing
> certificate" radio button is checked for "require the following for
> reenrollment" option.
> Also you must have inserted the smart card into a reader attached to the
> machine at least once for the certificate to be propagated to the store in
> the machine
>
>

Similar ThreadsPosted
Certificate for Smart Card User September 3, 2008, 5:26 am
Smart Card Login + Certificate Login to AD -> Lost smart card December 15, 2005, 10:03 pm
Smart Card Login + Certificate Login to AD -> Lost smart card December 15, 2005, 10:41 pm
PKI Question - User Certificate Renewal February 21, 2008, 4:56 pm
Q: Seconary certificate on a smart card August 5, 2006, 6:24 am
Smart card certificate validity period November 21, 2005, 8:10 am
Smart Card based Logon & User ID and Password June 17, 2005, 10:09 am
PKI - Manual Enroll - Auto Renewal - Possible? May 22, 2008, 1:05 am
S/MIME Certificate renewal in W2K3 - EX2K3 infrastructure October 6, 2008, 2:13 am
Smart Card Logon July 20, 2006, 2:39 am

The site map in XML format XML site map

Contact Us | Privacy Policy