![]() ![]() Run the command : certutil –csp Įx: certutil –csp “Microsoft Base Smart Card Crypto Provider” –importpfx foo. "AllowPrivateExchangeKeyImport"=dword:00000001 "AllowPrivateSignatureKeyImport"=dword:00000001 Follow the same steps as those described for receiving a digital certificate for a key database. After the CA sends you a new digital certificate, you need to add it to the smart card from which you generated the request. reg file : Windows Registry Editor Version 5.00 After specifying the module name and password for the smart card, proceed with the steps as if you had opened a key database. ![]() If this tweak is not applied, the import fails in CryptImportKey with the return code NTE_BAD_TYPE (0x8009000A) HKLM\SOFTWARE\Microsoft\Cryptography\Defaults\Provider\Microsoft Base Smart Card Crypto Provider\AllowPrivateSignatureKeyImport=DWORD:0x1 HKLM\SOFTWARE\Microsoft\Cryptography\Defaults\Provider\Microsoft Base Smart Card Crypto Provider\AllowPrivateExchangeKeyImport=DWORD:0x1 Set the following keys to disable this protection : Look at the key “Crypto Provider” to get the name of the CSPģ If the CSP is “Microsoft Base Smart Card Crypto Provider”īy default, importing a P12 file is forbidden if the CSP is “Microsoft Base Smart Card Crypto Provider”. ![]() Launch regedit.exe and open HKEY_LOCAL_MACHINE\Software\Microsoft\Cryptography\Calais\SmartCards Open the subkey named as the name of the smart card. 2 Determine the CSP (the driver) of the smart card This line contains the name of the CSP required. Note : if the smart card contains already some cryptographic material, for each container, a line named “Provider” is added. Open a command line and type “certutil -SCInfo”. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |