Using smartcards to logon to Windows - Issue smart card certificate management [2/4]
Moderator: product
- JavaCardOS
- Posts: 273
- Joined: Thu Apr 30, 2015 12:00 pm
- Points :2405
- Contact:
Using smartcards to logon to Windows - Issue smart card certificate management [2/4]
To let smart card users login windows workstation, workstation should issue smart card certificate to users firstly. Smart card certificate is a digital certificate stored in user's smart card. Operations are as follows:
1> In "Server Manager" window, select "Roles->Active Directory Certificate Services -> server-WIN-BP8PSK12IOH-CA -> Certificate Templates", right-click the option " Certificate Templates". In the popup menu, select "New –> Certificate Template to Issue"
Then the dialog box "Enable certificate Templates" will pop up, select "SmartCard Logon", "Smartcard User", "Enrollment Agent(Computer)", " Enrollment Agent", Click OK.
After adding templates, return "Server Manager" window and the new template you create will be there.
2> Open IIS manager and select "Server Certificate" under root directory :
Select the configured CA, click "Create Self-Signed Certificate in the right sidebar, type the certificate name (e.g. JAVACARD_CA), click "OK".
Select Default web Site and then click "Bindings…" in the right sidebar. In the popup "Site Bindings" dialog box, click "Add…". Select "https" under Type in "Add Site Binding" dialog box,and set SSLCertificate as certificate name, click OK. At this time, https protocol has been set.
1> In "Server Manager" window, select "Roles->Active Directory Certificate Services -> server-WIN-BP8PSK12IOH-CA -> Certificate Templates", right-click the option " Certificate Templates". In the popup menu, select "New –> Certificate Template to Issue"
Then the dialog box "Enable certificate Templates" will pop up, select "SmartCard Logon", "Smartcard User", "Enrollment Agent(Computer)", " Enrollment Agent", Click OK.
After adding templates, return "Server Manager" window and the new template you create will be there.
2> Open IIS manager and select "Server Certificate" under root directory :
Select the configured CA, click "Create Self-Signed Certificate in the right sidebar, type the certificate name (e.g. JAVACARD_CA), click "OK".
Select Default web Site and then click "Bindings…" in the right sidebar. In the popup "Site Bindings" dialog box, click "Add…". Select "https" under Type in "Add Site Binding" dialog box,and set SSLCertificate as certificate name, click OK. At this time, https protocol has been set.
You do not have the required permissions to view the files attached to this post. Please login first.
Who is online
Users browsing this forum: No registered users and 29 guests