Smart Card Logon and 802.1x Authentication

P

PIV Man

I've read some content that indicated that a Smart Card Logon certificate
could not be used for 802.1x Authentication with the 802.1X Windows Client.
Is this restriction still true or is this outdated information ? This is a
tough restriction for something like a PIV Card, which as one (of four)
certificates dedicated to authentication purposes. The authentication
certificate works well for Smart Card Logon and in some environments would
need to be used for 802.1x authentication for wireless as well. That
restriction basically kills everything if you have alot of wireless going on.
 
J

Jan Spooren

Hi PIV Man,

> I've read some content that indicated that a Smart Card Logon certificate
> could not be used for 802.1x Authentication with the 802.1X Windows
> Client.
> Is this restriction still true or is this outdated information ? This is
> a
> tough restriction for something like a PIV Card, which as one (of four)
> certificates dedicated to authentication purposes. The authentication
> certificate works well for Smart Card Logon and in some environments would
> need to be used for 802.1x authentication for wireless as well. That
> restriction basically kills everything if you have alot of wireless going
> on.

I haven't tested with the 'Smart Card Logon' certificate template, but it
would surprise me if that wouldn't work. In any case, a certificate created
with the 'Smart Card User' certificate template can be used both for smart
card logon and 802.1x authentication.

Cheers,
Jan.
 
P

PIV Man

Jan,

Thanks for the information. I'll assume our solution will work as
designed, then. If anyone else has any experience with this, please let me
know how it went.

"Jan Spooren" wrote:

> Hi PIV Man,
>
> > I've read some content that indicated that a Smart Card Logon certificate
> > could not be used for 802.1x Authentication with the 802.1X Windows
> > Client.
> > Is this restriction still true or is this outdated information ? This is
> > a
> > tough restriction for something like a PIV Card, which as one (of four)
> > certificates dedicated to authentication purposes. The authentication
> > certificate works well for Smart Card Logon and in some environments would
> > need to be used for 802.1x authentication for wireless as well. That
> > restriction basically kills everything if you have alot of wireless going
> > on.
>
> I haven't tested with the 'Smart Card Logon' certificate template, but it
> would surprise me if that wouldn't work. In any case, a certificate created
> with the 'Smart Card User' certificate template can be used both for smart
> card logon and 802.1x authentication.
>
> Cheers,
> Jan.
>
>
>
 
You must log in or register to reply here.

Similar threads

H
Smart card logon on windows says "Signing with a smart card isn't supported for your account. For more info, contact your admin".
Replies
0
Views
31
Hanish Gopi
H
H
Smart card logon on windows says "Signing with a smart card isn't supported for your account. For more info, contact your admin".
Replies
0
Views
32
Hanish Gopi
H
H
Smart card logon on windows says "Signing with a smart card isn't supported for your account. For more info, contact your admin".
Replies
0
Views
27
Hanish Gopi
H
J
Smart Card Reader suddenly stopped working on Windows 11
Replies
0
Views
47
JacobOrtega
J
D
  • Article
Update on Recall security and privacy architecture
Replies
0
Views
47
David Weston, Vice President Enterprise and OS
D
Back
Top Bottom