Smart Card Logon and 802.1x Authentication

P

PIV Man

I've read some content that indicated that a Smart Card Logon certificate
could not be used for 802.1x Authentication with the 802.1X Windows Client.
Is this restriction still true or is this outdated information ? This is a
tough restriction for something like a PIV Card, which as one (of four)
certificates dedicated to authentication purposes. The authentication
certificate works well for Smart Card Logon and in some environments would
need to be used for 802.1x authentication for wireless as well. That
restriction basically kills everything if you have alot of wireless going on.
 
J

Jan Spooren

Hi PIV Man,

> I've read some content that indicated that a Smart Card Logon certificate
> could not be used for 802.1x Authentication with the 802.1X Windows
> Client.
> Is this restriction still true or is this outdated information ? This is
> a
> tough restriction for something like a PIV Card, which as one (of four)
> certificates dedicated to authentication purposes. The authentication
> certificate works well for Smart Card Logon and in some environments would
> need to be used for 802.1x authentication for wireless as well. That
> restriction basically kills everything if you have alot of wireless going
> on.

I haven't tested with the 'Smart Card Logon' certificate template, but it
would surprise me if that wouldn't work. In any case, a certificate created
with the 'Smart Card User' certificate template can be used both for smart
card logon and 802.1x authentication.

Cheers,
Jan.
 
P

PIV Man

Jan,

Thanks for the information. I'll assume our solution will work as
designed, then. If anyone else has any experience with this, please let me
know how it went.

"Jan Spooren" wrote:

> Hi PIV Man,
>
> > I've read some content that indicated that a Smart Card Logon certificate
> > could not be used for 802.1x Authentication with the 802.1X Windows
> > Client.
> > Is this restriction still true or is this outdated information ? This is
> > a
> > tough restriction for something like a PIV Card, which as one (of four)
> > certificates dedicated to authentication purposes. The authentication
> > certificate works well for Smart Card Logon and in some environments would
> > need to be used for 802.1x authentication for wireless as well. That
> > restriction basically kills everything if you have alot of wireless going
> > on.
>
> I haven't tested with the 'Smart Card Logon' certificate template, but it
> would surprise me if that wouldn't work. In any case, a certificate created
> with the 'Smart Card User' certificate template can be used both for smart
> card logon and 802.1x authentication.
>
> Cheers,
> Jan.
>
>
>
 
You must log in or register to reply here.

Similar threads

H
Smart card logon on windows says "Signing with a smart card isn't supported for your account. For more info, contact your admin".
Replies
0
Views
12
Hanish Gopi
H
H
Smart card logon on windows says "Signing with a smart card isn't supported for your account. For more info, contact your admin".
Replies
0
Views
21
Hanish Gopi
H
H
Smart card logon on windows says "Signing with a smart card isn't supported for your account. For more info, contact your admin".
Replies
0
Views
15
Hanish Gopi
H
J
Smart Card Reader suddenly stopped working on Windows 11
Replies
0
Views
34
JacobOrtega
J
G
Smart Card Authentication and Cached Logons
Replies
0
Views
140
Gene Strickland
G
Back
Top Bottom