Smart card reader setup

Feedback will be sent to Microsoft: By pressing the submit button, your feedback will be used to improve Microsoft products and services. Privacy policy. This topic for IT professional provides links to resources about the implementation of smart card technologies in the Windows operating system. It includes the following resources about the architecture, certificate management, and services that are related to smart card use:. Once it is uninstalled, unplug the reader from your computer.

Wait a few moments, then plug it back in. It "should" start to install itself. If that doesn't work, keep reading for other ideas below. Unzipping - the driver. Windows 10 or 8. Once you have the zip file downloaded, open the zip file Windows built in zipping program. Copy the folder inside to a new folder. It will unzip the contents, this is the folder you will need when you are doing the steps below.

It will then ask where you want to save the file. WinZip- Use the Extract button. It will ask you where you want to save the extracted files to, I recommend your desktop. Click the desktop icon on the left. Push the little yellow folder in the upper right corner of this active window. It will prompt you for a name for the folder type in CAC Driver.

This browser is no longer supported. Download Microsoft Edge More info. Contents Exit focus mode. Is this page helpful? The SubjAltName field of the smartcard certificate is badly formatted.

For each of the following conditions, you must request a new valid domain controller certificate. If your valid domain controller certificate has expired, you may renew the domain controller certificate, but this process is more complex and typically more difficult than if you request a new domain controller certificate.

If the domain controllers or smartcard workstations do not trust the Root CA to which the domain controller's certificate chains, then you must configure those computers to trust that Root CA.

The smartcard has an untrusted certificate. If the domain controllers or smartcard workstations do not trust the Root CA to which the user's smartcard certificate chains, then you must configure those computers to trust that Root CA. The certificate of the smart card is not installed in the user's store on the workstation. The certificate that is stored on the smartcard must reside on the smartcard workstation in the profile of the user who is logging on with the smart card.

You do not have to store the private key in the user's profile on the workstation. It is only required to be stored on the smartcard. The correct smartcard certificate or private key is not installed on the smartcard. The valid smartcard certificate must be installed on the smartcard with the private key and the certificate must match a certificate stored in the smartcard user's profile on the smartcard workstation. The certificate of the smart card cannot be retrieved from the smartcard reader.

It can be a problem with the smartcard reader hardware or the smartcard reader's driver software. Verify that you can use the smartcard reader vendor's software to view the certificate and the private key on the smartcard. The smartcard has an otherwise malformed or incomplete certificate.

For each of these conditions, you must request a new valid smartcard certificate and install it onto the smartcard and into the profile of the user on the smartcard workstation. The smartcard certificate must meet the requirements described earlier in this article, which include a correctly formatted UPN field in the SubjAltName field. If your valid smartcard certificate has expired, you may also renew the smartcard certificate, which is more complex and difficult than requesting a new smartcard certificate.

If the revocation checking fails when the domain controller validates the smart card logon certificate, the domain controller denies the logon.