how to authenticate via IE with a smartcard certificate

how to authenticate via IE with a smartcard certificate
Secure Home | Search | About
Login Password
Register Now! Lost Password?
 Microsoft Applications Security    Post an article   get this group's latest topics as an RSS feed add this group's latest topics to your My MSN content add this group's latest topics to your My Yahoo content add this group's latest topics to your Google content
Subject Author Date
how to authenticate via IE with a smartcard certificate Roysovick 11-28-2005
Posted by =?Utf-8?B?Um95c292aWNr?= on November 28, 2005, 5:42 pm
If you were  Registered and logged in, you could reply and use other advanced thread options
I have IIS configured to required client certificates. The client
certificate is embedded into a smartcard usb token device. The idea is that
the client private key never has to leave the USB token.

So, the question are: how to make IE to read the certificate embedded into
the smartcard usb token without having to import the certificate into the IE
certificates folder ? Can IE read certificates from a smartcard token ?

Thank you.
--
Roy Valenciano
IT Security Manager
Central Bank of Costa Rica

Posted by S. Pidgorny on November 29, 2005, 4:38 am
If you were  Registered and logged in, you could reply and use other advanced thread options
If you have appropriate CSP for the smartcard USB token installed on the
client PC, it will just work: the smartcard cert will appear on the list
that IE presents to you before doing cert authentication.

--
Svyatoslav Pidgorny, MS MVP - Security, MCSE
-= F1 is the key =-

>I have IIS configured to required client certificates. The client
> certificate is embedded into a smartcard usb token device. The idea is
> that
> the client private key never has to leave the USB token.
>
> So, the question are: how to make IE to read the certificate embedded into
> the smartcard usb token without having to import the certificate into the
> IE
> certificates folder ? Can IE read certificates from a smartcard token ?
>
> Thank you.
> --
> Roy Valenciano
> IT Security Manager
> Central Bank of Costa Rica



Posted by Jason Tan (MSFT on November 29, 2005, 5:18 am
If you were  Registered and logged in, you could reply and use other advanced thread options
Hello,

Thanks for posting!

I understand that you want to have Internet Explorer read the certificates
from the smartcard token. If I have misunderstood your concerns, please
feel free to let me know.

Based on my research, by default, Internet Explorer does not read
certificates from the smartcard token. IE reads the certificates from the
default path. It seems that some cryptographic service provider (CSP) could
help to achieve the goal.

Some information for your reference:

313070 HOW TO: Configure Client Certificate Mappings in Internet Information
http://support.microsoft.com/?id=313070

272175 HOW TO: Configure Active Directory Certificate Mapping
http://support.microsoft.com/?id=272175

Hope the information helps.

Best Regards,

Jason Tan

Microsoft Online Partner Support
Get Secure! - www.microsoft.com/security

=====================================================

When responding to posts, please "Reply to Group" via your newsreader so
that others may learn and benefit from your issue.

=====================================================
This posting is provided "AS IS" with no warranties, and confers no rights.


--------------------
| Thread-Topic: how to authenticate via IE with a smartcard certificate
| thread-index: AcX0bPPtRpoBAPx2S52saKZ2fgnt1A==
| X-WBNR-Posting-Host: 200.91.79.92
| Subject: how to authenticate via IE with a smartcard certificate
| Date: Mon, 28 Nov 2005 14:42:03 -0800
| Lines: 13
| MIME-Version: 1.0
| Content-Type: text/plain;
|         charset="Utf-8"
| Content-Transfer-Encoding: 7bit
| X-Newsreader: Microsoft CDO for Windows 2000
| Content-Class: urn:content-classes:message
| Importance: normal
| Priority: normal
| X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.0
| Newsgroups: microsoft.public.security
| NNTP-Posting-Host: TK2MSFTNGXA03.phx.gbl 10.40.2.250
| Path: TK2MSFTNGXA02.phx.gbl!TK2MSFTNGXA01.phx.gbl!TK2MSFTNGXA03.phx.gbl
| Xref: TK2MSFTNGXA02.phx.gbl microsoft.public.security:80264
| X-Tomcat-NG: microsoft.public.security
|
| I have IIS configured to required client certificates. The client
| certificate is embedded into a smartcard usb token device. The idea is
that
| the client private key never has to leave the USB token.
|
| So, the question are: how to make IE to read the certificate embedded
into
| the smartcard usb token without having to import the certificate into the
IE
| certificates folder ? Can IE read certificates from a smartcard token ?
|
| Thank you.
| --
| Roy Valenciano
| IT Security Manager
| Central Bank of Costa Rica
|


Similar ThreadsPosted
DRA certificate on smartcard - vista May 1, 2007, 3:20 pm
SmartCard Login+certificate to to AD & admins using Remote Control December 15, 2005, 10:40 pm
WWW-Authenticate error March 2, 2006, 3:57 pm
authenticate user September 21, 2006, 8:43 am
RE: Cannot authenticate to MS IAS (RADIUS) server using Linksys WAP54G June 29, 2005, 11:03 am
Several user accounts can't authenticate to secured wireless netwo October 24, 2005, 4:12 pm
smartcard , IE August 28, 2006, 9:52 am
SmartCard and Key Archival March 28, 2006, 9:41 am
ANN: Smartcard component for VS.NET May 26, 2006, 9:31 am
Smartcard help! GemPlus.. April 15, 2007, 7:54 am

The site map in XML format XML site map

Contact Us | Privacy Policy