Smart Card Code Signing Does Not Work When Obtaining the Public Key from a File Instead of the Certificate Store (244612)
The information in this article applies to:
- Microsoft Windows 2000 Server
- Microsoft Windows 2000 Advanced Server
- Microsoft Windows 2000 Professional
This article was previously published under Q244612 SUMMARY
If you have your private key on a smart card for code signing and you cannot use the certificate store (for example, your computer has been rebuilt), the Code Signing Wizard does not allow the private key to be extracted from the smart card and successfully completed. You may receive the following error message:
You cannot continue - the code was not signed.
MORE INFORMATION
This is a known restriction when you are working with removable security tokens such as smart cards. The system on which an operation is performed may not have knowledge of the token required to complete the operation.
Even when you insert a GemPlus smart card in the smart card reader, the GemPlus cryptographic service provider (CSP) cannot return any key container name for the CryptGetProvParam(PP_ENUMCONTAINERS) function. This also applies to the Schlumberger CSP.
Note that when you insert a smart card into a reader in Windows 2000, the smart card is immediately and automatically queried for any certificates associated with its keys by the Microsoft Cryptography Application Programming Interface (CryptoAPI). The certificates are placed in your local certificate store with references to the CSP and the container from which it was extracted.
| Modification Type: | Major | Last Reviewed: | 11/13/2003 |
|---|
| Keywords: | kbenv kbHardware kbinfo KB244612 |
|---|
|