You may be trying to access this site from a secured browser on the server. Please enable scripts and reload this page.
Turn on more accessible mode
Turn off more accessible mode
Skip Ribbon Commands
Skip to main content
To navigate through the Ribbon, use standard browser navigation keys. To skip between groups, use Ctrl+LEFT or Ctrl+RIGHT. To jump to the first Ribbon tab use Ctrl+[. To jump to the last selected command use Ctrl+]. To activate a command, use Enter.
Site Actions
This page location is:
Ondrej Sevecek's Blog
Ondrej Sevecek's English Pages
Comments
Re: How to correctly use AD CS with hardware based cryptographic provider
Browse
Tab 1 of 2.
View
Tab 2 of 2.
Sign In
Edit
Item
Version History
Manage Permissions
Delete Item
Manage
Ondrej Sevecek's English Pages
Comments
: Re: How to correctly use AD CS with hardware based cryptographic provider
Engineering and troubleshooting by Directory Master!
This Site
This List
Home
Currently selected
Contacts
Quick Posts
Quick Launch
Libraries
Site Pages
Pictures
General
Lists
Links
Posts
Comments
Categories
Quick Posts
Discussions
Surveys
All Site Content
Sorry comments are disable due to the constant load of spam
2
Title
Re: How to correctly use AD CS with hardware based cryptographic provider
Author
ondass
Body
good point, but smart cards, especially those based on Base Smart Card Provider (the minidriver cards) do have two PINs - regular user PIN and a master PIN. Master PIN (48 digits) can be used to completelly control the card, export and import certificates with private keys or anything else imanigable. So you can always backup smart card using the master PIN and store everything in separate locations.
anyway, I was talking about cheap solution, so even the backup would be a cheap procedure.
Attachments
Created at 14/12/2015 09:10 by Ondřej Ševeček
Last modified at 14/12/2015 09:11 by Ondřej Ševeček
