InfiniTec - Henning Krauses Blog

Don't adjust your mind - it's reality that is malfunctioning

Accessing Certificates on NetKey 3.0 Smartcards with Windows

Posted under Smartcards | Comments (0)

Using smartcards with Windows is not as trivial as I thought it would be. Although Microsoft ships a Smartcard provider for its CryptoAPI for current versions of Windows (an update is available for older versions of Windows), most smartcards cannot be used out of the box. Every smartcard type requires its own implementation of a Cryptographic Service Provider (see http://msdn.microsoft.com/en-us/library/ms953432.aspx for more information).

The Netkey type of smartcards is used by T-Systems in Germany. They also offer a CSP module for Windows (x86 and x64) and PKCS#11 interface libraries for Linux, MacOs and Windows. It can be downloaded from the TeleSec website.

Once the CSP is installed, the Card Management software, which comes with the driver, can be used to map certificates from a smartcard into the Windows Certificate (either the store of the current user or the local machine).

This is the main view of the TeleSec Card Management software:

Overview

Each certificate on the card has its own node. If you click on it, the certificate is displayed in the right view. From there you can import it into the store of the current user. To import the certificate into the machine store, right-click the certificate and select “Save certificate in machine store”. Administrative rights are required for the latter operation. On Windows Vista you must start the Card management software with elevated privileges.


Posted by Henning Krause on Sunday, November 14, 2010 1:11 PM, last modified on Sunday, November 14, 2010 1:52 PM
Permalink | Post RSSRSS comment feed