Certificate Templates and third party CSP

Discussion in 'Server Security' started by Anette Andresen, Jan 5, 2006.

  1. Hi,

    I am working with a smart card solution in our network, and I have ran into
    a problem. First some info about the system. It is a purely Windows Server
    2003 domain, and the CA is an enterprise CA. The CSP belonging to the smart
    cards are not one of the defaults CSPs.

    We are going to use a customized certificate template based on the
    "Smartcard Logon" template for logon certificates. The template is created
    by duplicating the existing "Smartcard Logon" template. Under the "Request
    Handling" -> "CSPs..." we select "Requests must use one of the following
    CSPs:". And on this list we want to only permit the CSP belonging to our
    smartcard. The problem is that this CSP is not shown on the list. I have
    installed the CSP on the CA, the CSP is in registry (HKLM > Software > MS >
    Cryptography > Defaults > Provider), and it is from the CA I manage and
    create new certificate templates. As I have understood from the article,
    "How Certificate
    Work" -http://www.microsoft.com/technet/prodtechnol/windowsserver2003/library/TechRef/3f5fdc52-8623-4336-840d-e90b2399c854.mspx
    is it only necessary to install the CSP on the computer that maintains the
    Certificate templates. (See "cryptograpic service providers" under "other
    request handling settings")

    But as said, the CSP is not shown on this list even though it is installed.
    So the question is, does anyone know what I can do to make this third party
    CSP available on the list?

    Anette Andresen
    Anette Andresen, Jan 5, 2006
    1. Advertisements

  2. Anette Andresen

    Paul Adare Guest

    microsoft.public.windows.server.security news group, Anette Andresen
    What CSP specifically and have you checked with the CSP provider?

    Paul Adare
    MVP - Windows - Virtual Machine
    Ca·nadi·an (k-nd-n) adj. & n.
    n: An educated, unarmed American with health care.
    Paul Adare, Jan 5, 2006
    1. Advertisements

  3. It is Spyrus Rosetta Series 2 smart cards and usb tokens I am going to use,
    and the belonging CSP. I currently have a dialog with them, but I have not
    got a solution for my problem yet.

    Anette Andresen
    Anette Andresen, Jan 5, 2006
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.