 This information is written in English only
The certificate issued for SmartCard Logon. 
| Explanations | Screenshots |
|---|
General: - Validity = 3 years
- Renewal Period = 6 weeks
- Published in Active Directory
We can see certificate issued under user account properties in AD |  Image Modified
| Compatability: Default setting
|  Image Modified
| Request Handling: - Purpose = Signature and SmartCard Logon
- Prompt the User during enrollment = Set
|  Image Modified
| Cryptography: - Key Size = 1024
- Requests can use any provider available on the subject’s computer
|  Image Modified
| Key Attestation: Default setting |  Image Modified
| Subject Name: Name is obtained from Active Directory based on the Fully distinguished name and the user's UPN |  Image Modified
| Issuance Requirements: - This number of authorized signatures = 1
- Policy = Application Policy and Certificate Request Agent
- Reenrollment = Same criteria as for enrollment
|  Image Modified
| Suspended Templates: No settings = Default |  Image Modified | Extensions: - Application policies = Smart card Logon, Client Authentication
|  Image Modified
| Extensions: - Basic Constraints = Default settings
|  Image Modified
| Extensions: - Certificate Template Information = Default Setting
|  Image Modified
| Extensions: - Issuance Policies = Default Setting
|  Image Modified
| Extensions: - Key usage: Digital signature – Critical extension
|  Image Modified
| Security: These settings determine the privileges for the Certificate for read, modify and enroll of certificate. Only the DL_CA_ADM, the DL_LRA_ADM and the DL_CA_LRA groups should get this certificate via Enroll. - DL_CA_Admins = Read, Write, Enroll
- DL_CA_LRA_Admins = Read, Write, Enroll
- DL_CA_LRA_Operators = Read, Enroll
|  Image Modified
| Server: Default settings |  Image Modified
|
|