Hi there I'm evaluating eTokens for secure cert storage and along with other aspects was looking at the ability for Windows domains to use smartcards to control login access. Aladdin eToken documentation explicitly states you have to use a Microsoft CA to generate certs that can be used for smartcard access. However, we have a OpenSSL based PKI and I want to use that instead.
I'm guessing all I need is to insert each users pubkey into their AD accounts "Published Certificates" tab, but when I try to login I get a generic error. So I'm guessing there are cert extensions that AD's "smartcard" control looks for. Any ideas what they are (or am I totally off-track?) Thanks! -- Cheers Jason Haar Information Security Manager, Trimble Navigation Ltd. Phone: +64 3 9635 377 Fax: +64 3 9635 417 PGP Fingerprint: 7A2E 0407 C9A6 CAF6 2B9F 8422 C063 5EBB FE1D 66D1 ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
