Issue with multiple smart cards and smart card certificate renewal (330228)



The information in this article applies to:

  • Microsoft Windows Server 2003, Datacenter Edition
  • Microsoft Windows Server 2003, Enterprise Edition
  • Microsoft Windows Server 2003, Web Edition
  • Microsoft Windows Server 2003, Standard Edition
  • Microsoft Windows Server 2003, 64-Bit Datacenter Edition
  • Microsoft Windows Server 2003, 64-Bit Enterprise Edition
  • Microsoft Windows Small Business Server 2003, Premium Edition
  • Microsoft Windows Small Business Server 2003, Standard Edition

This article was previously published under Q330228

SYMPTOMS

During the renewal process for a certificate whose private key is stored on a smart card, you are initially prompted for a smart card. If you insert an incorrect smart card of the same brand and the incorrect smart card is used to form the renewal request, you are prompted for the correct smart card, and the request is then formed and sent to the certification authority (CA). After the certificate request is granted and the new certificate is installed on the correct smart card, neither of the smart cards works correctly.

Note that this issue can occur during manual certificate renewal by using the wizard in the snap-in, or during automatic enrollment renewal.

CAUSE

This problem occurs because the private key of the first (incorrect) smart card is used to form the renewal request, and the private key of the second (correct) smart card is used to sign the renewal request.
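A simplified model of the mismatch described above, as an added example that is not part of the original article or any Microsoft code. Software RSA keys stand in for the two smart cards, and `new_key`, `issue_cert`, `card_can_use_cert` and `simulate_renewal` are hypothetical names. It assumes the CA issues the certificate over the public key that formed the request, so the certificate installed on the second (correct) card does not match that card's private key.

```python
# Added illustration: software keys stand in for the two smart cards (constructed data).
import datetime

from cryptography import x509
from cryptography.exceptions import InvalidSignature
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import padding, rsa
from cryptography.x509.oid import NameOID


def new_key():
    """Generate an RSA key pair; stands in for a key held on a smart card."""
    return rsa.generate_private_key(public_exponent=65537, key_size=2048)


def issue_cert(subject_public_key, ca_key, common_name):
    """Hypothetical CA (assumption): certify the public key that formed the request."""
    now = datetime.datetime.now(datetime.timezone.utc)
    return (
        x509.CertificateBuilder()
        .subject_name(x509.Name([x509.NameAttribute(NameOID.COMMON_NAME, common_name)]))
        .issuer_name(x509.Name([x509.NameAttribute(NameOID.COMMON_NAME, "Example CA")]))
        .public_key(subject_public_key)
        .serial_number(x509.random_serial_number())
        .not_valid_before(now)
        .not_valid_after(now + datetime.timedelta(days=365))
        .sign(ca_key, hashes.SHA256())
    )


def card_can_use_cert(cert, card_key):
    """True only if a signature made by the card's key verifies under the cert."""
    challenge = b"constructed challenge"
    signature = card_key.sign(challenge, padding.PKCS1v15(), hashes.SHA256())
    try:
        cert.public_key().verify(signature, challenge, padding.PKCS1v15(), hashes.SHA256())
        return True
    except InvalidSignature:
        return False


def simulate_renewal():
    """Request formed with card A's key; certificate installed on card B."""
    card_a, card_b, ca_key = new_key(), new_key(), new_key()
    renewed = issue_cert(card_a.public_key(), ca_key, "Constructed User")
    return card_can_use_cert(renewed, card_a), card_can_use_cert(renewed, card_b)
```

The same sign-and-verify round trip is a quick way to confirm that a certificate stored on a card actually corresponds to a key on that card before relying on it for logon.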

WORKAROUND

To work around this problem, reissue a new certificate for each smart card.

STATUS

Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.

MORE INFORMATION

For more information about automatic enrollment, visit the following Microsoft Web site:

Modification Type: Major
Last Reviewed: 7/12/2006
Keywords: kbprb KB330228