none
How do I fix smart card logon error - No valid certificates found ? RRS feed

  • Question

  • I have written a smart card minidriver (for a read-only card). Now I am trying Windows 7 smart card logon, but there is "No valid certificates found" error on logon screen, when I insert the card. 
    I have two certificates in the smart card, one for encryption, another for digital signature and windows logon. 
    Encryption certificate:
      Key Usage: Key Encipherment
    Signature and Logon certificate:
      Key Usage: Digital Signature, Non-Repudiation
      EKU : Client Authentication, Secure Email, Smart Card Logon
    I set two cmapfile records for these certificates:
    cmap[0].wszGuid = L"encr0@ug.net";
    cmap[0].bFlags                 = CONTAINER_MAP_VALID_CONTAINER;
    cmap[0].bReserved               = 0;
    cmap[0].wSigKeySizeBits         = 0;
    cmap[0].wKeyExchangeKeySizeBits = 2048;
    cmap[1].wszGuid = L"sign0@ug.net";
    cmap[1].bFlags                 = CONTAINER_MAP_VALID_CONTAINER|CONTAINER_MAP_DEFAULT_CONTAINER;
    cmap[1].bReserved               = 0;
    cmap[1].wSigKeySizeBits         = 2048;
    cmap[1].wKeyExchangeKeySizeBits = 0;
    Function calls in minidriver logs:
    when card inserted first time:
    CardReadFile() [cmapfile]
    CardGetContainerProperty() [CCP_PIN_IDENTIFIER] for ContainerIndex: [1]
    CardGetProperty() [CP_CARD_PIN_INFO][1]
    CardReadFile() [cmapfile]
    CardGetContainerInfo() ContainerIndex...[1]
    CardReadFile() [cmapfile]
    CardReadFile() [ksc00]
    CardGetProperty() [CP_CARD_CAPABILITIES]
    CardGetProperty()[CP_CARD_GUID]
    CardReadFile() [cmapfile]
    CardGetProperty() [CP_CARD_PIN_INFO][1]
    CardReadFile() [cmapfile]
    CardGetContainerInfo() ContainerIndex...[1]
    CardReadFile() [cmapfile]
    CardGetContainerInfo() ContainerIndex...[0]
    CardGetContainerInfo() ContainerIndex...[1]
    CardGetProperty() [CP_CARD_GUID]
    CardReadFile() [cmapfile]
    CardGetContainerProperty() [CCP_PIN_IDENTIFIER] for ContainerIndex: [0]
    CardGetProperty() [CP_CARD_PIN_INFO][1]
    CardReadFile() [cmapfile]
    CardGetContainerInfo() ContainerIndex...[0]
    CardReadFile() [cmapfile]
    CardReadFile() [cmapfile]
    CardGetContainerInfo() ContainerIndex...[0]
    CardReadFile() [cmapfile]
    CardReadFile()|pszFileName = [kxc00]
    CardGetProperty() [CP_CARD_CAPABILITIES]
    CardGetProperty()[CP_CARD_GUID]
    CardReadFile() [cmapfile]
    CardGetContainerProperty() [CCP_PIN_IDENTIFIER] for ContainerIndex: [1]
    CardGetProperty() [CP_CARD_PIN_INFO][1]
    CardReadFile() [cmapfile]
    CardGetContainerInfo() ContainerIndex...[1]
    CardReadFile() [cmapfile]
    CardGetContainerInfo() ContainerIndex...[1]
    CardReadFile() [cmapfile]
    CardReadFile() [ksc01] --- File not found
    CardReadFile() [cmapfile]
    CardDeleteContext()
    CardAcquireContext()
    CardGetProperty() [CP_CARD_GUID]
    CardReadFile() [cmapfile]
    CardGetProperty() [CP_CARD_PIN_INFO][1]
    CardReadFile() [cmapfile]
    CardGetContainerInfo() ContainerIndex...[1]
    CardReadFile() [msroots]
    CardGetProperty()...[CP_CARD_CAPABILITIES]
    CardDeleteContext()
    when smart card logon occurs:
    CardAcquireContext()
    CardGetProperty() [CP_CARD_GUID]
    CardReadFile() [cardcf]
    CardGetProperty() [CP_CARD_SUPPORTS_WIN_X509_ENROLLMENT]
    CardReadFile() [cmapfile]
    CardGetContainerProperty() [CCP_PIN_IDENTIFIER] for ContainerIndex: [1]
    CardGetProperty() [CP_CARD_PIN_INFO][1]
    CardReadFile() [cmapfile]
    CardGetContainerInfo() ContainerIndex...[1]
    CardReadFile() [cmapfile]
    CardReadFile() [ksc00]
    CardGetCapabilities...[CP_CARD_CAPABILITIES]
    CardReadFile() [cmapfile]
    CardDeleteContext()
    CardAcquireContext()
    CardGetProperty() [CP_CARD_GUID]
    CardReadFile() [cardcf]
    CardGetProperty() [CP_CARD_SUPPORTS_WIN_X509_ENROLLMENT]
    CardReadFile() [cmapfile]
    CardGetContainerProperty() [CCP_PIN_IDENTIFIER] for ContainerIndex: [1]
    CardGetProperty() [CP_CARD_PIN_INFO][1]
    CardReadFile() [cmapfile]
    CardGetContainerInfo() ContainerIndex...[1]
    CardReadFile()|pszFileName = [cmapfile]
    CardReadFile()|pszFileName = [ksc00]
    CardGetProperty() [CP_CARD_CAPABILITIES]
    CardReadFile() [cmapfile]
    CardDeleteContext()
    Why smart card logon doesn't continue? Is my certificate not suitable for logon, or did I write incorrect cmapfile, or anything else?
    Monday, April 4, 2011 12:01 PM

Answers

  • As this forum focuses on Windows SteadyState specific issuesyou should better ask  Windows 7 forum  for further help:

     

    http://social.technet.microsoft.com/Forums/en-us/category/w7itpro

    The reason why we recommend posting appropriately is you will get the most qualified pool of respondents, and other partners who read the forums regularly can either share their knowledge or learn from your interaction with us.  Thank you for your understanding.

     

     

    Regards,

    Leo   Huang


    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
    Wednesday, April 6, 2011 8:39 AM
    Moderator