question

odensun-9109 avatar image
0 Votes"
odensun-9109 asked VickyWang-MFST answered

Smart Card Authentication Requirements

Hello, I was trying to hopefully get clarification regarding smart card login using third party certificates. I have a home network that consists of two domain controllers, each DC has one third party certificate that allows smart card login, my question is whether one or both of these domain controllers has to be configured as a certificate authority using the third party certificate in order to allow smart card login? All the documentation i've read on this doesn't seem to indicate this is needed if the certificate is installed under the personal certificate store (without configuring as a certificate authority), however i've never actually got login to work just using this method. Any help is appreciated. Thank you.

windows-serverwindows-server-2012
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

VickyWang-MFST avatar image
0 Votes"
VickyWang-MFST answered

hi,
Thanks for your reply and waiting.


》》If the domain controller isn't configured as certificate authority?

According to my knowledge and understanding, it is like this.

Hope this information can help you

Best wishes

Vicky

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

VickyWang-MFST avatar image
0 Votes"
VickyWang-MFST answered odensun-9109 commented

Hi,
Thank you for posting in our forum.
Because this is a three-party certificate, for security reasons, we recommend that you consult this third-party software.
But according to my own knowledge and understanding, I should not follow CA if the certificate is installed under the personal certificate store.
Because it is not our Microsoft product, my judgment may not be accurate, and I need to find a professional to help you confirm
Hope this information can help you
Best wishes
Vicky

· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Thank you for your reply. With regards to the third-party certificate, as far as I can tell there's nothing wrong with the certificate and it's properly configured to allow smart card login. So from what you've said it seems like the third-party certificate should work as long as it's installed under the personal store, even if the domain controller isn't configured as certificate authority? Of course all of this is assuming I have all intermediate certs installed correctly under the proper stores.

0 Votes 0 ·