This information is written in English only
The certificate issued for SmartCard Logon.
Explanations | Screenshots |
---|
General: - Validity = 3 years
- Renewal Period = 6 weeks
- Published in Active Directory
We can see certificate issued under user account properties in AD | Image Modified | Compatability: Default setting
| Image Modified | Request Handling: - Purpose = Signature and SmartCard Logon
- Prompt the User during enrollment = Set
| Image Modified | Cryptography: - Key Size = 1024
- Requests can use any provider available on the subject’s computer
| Image Added | Key Attestation: Default setting | Image Added | Subject Name: Name is obtained from Active Directory based on the Fully distinguished name and the user's UPN | Image Added | Issuance Requirements: - This number of authorized signatures = 1
- Policy = Application Policy and Certificate Request Agent
- Reenrollment = Same criteria as for enrollment
| Image Added | Suspended Templates: | No settings = Default | Image Added | Extensions: | Policy = Client Authentication, SmartCard Logon- policies = Smart card Logon, Client Authentication
| Image Added | Extensions: - Basic Constraints = Default settings
| Image Added | Extensions: - Certificate Template Information = Default Setting
| Image Added | Extensions: - Issuance Policies = Default
| setting (Certificate policies are also known as issuance policies) | Image Added | Extensions: | UsageDigital SignatureCritical extension - usage: Digital signature – Critical extension
| Image Added | Security: These settings determine the privileges for the Certificate for read, modify and enroll of certificate. Only the DL_CA_ADM, the DL_LRA_ADM and the DL_CA_LRA | _Operators auto EnrollmentAuthenticated Users = Read- DL_CA_Admins = Read, Write, Enroll
- DL_CA_LRA_Admins = Read, Write,
| - Enroll
- DL_CA_LRA_Operators = Read, Enroll
| Domain Admins = Read, WriteEnterprise Admins = Read, Write
| Image Added | Server: Default settings | Image Added |
|