index > Windows CardSpace ("InfoCard") > format of FabrikamCertificate.ini

format of FabrikamCertificate.ini

I am trying to read the certificate from the smart card, but I am not sure what to put in for the value?

Q1. what is the format of the value? (in FabrikamCertificate.ini)

I tried the thumbprint of the certificate in the value. value=cdcff4a6d29f3f3b9fc63cd76cffe6c2103363a5 But i got problem when trying to use this infocard.

Error from CardSpace: "Your data could not be retrieve from the managed card provider. Check your network connection, and verify that you have supplied the correct authentication credentials."

 

Base on the comment, the sample of the value is Certificate Path(Localmachine/my/www.fabrikam.com), hash, filename (in which case you may need certificatepassword=)

Then I try value=currentUser/my/angela,cdcff4a6d29f3f3b9fc63cd76cffe6c2103363a5 and the card cannot be installed.

Note: the certificate in the smartcard is not a HA certificate, and the CA of the certificate in the smart card is already installed in the Trust CA store.

Q2. Must the certificate in the smartcard a HA certificate.

Please advice.

Ronghwa

Ronghwa

Q1. Format of the .ini file is that only one of the options hash,path,fileName should be specified. For example you should type:

value=cdcff4a6d29f3f3b9fc63cd76cffe6c2103363a5

or

value=currentUser/my/angela

but NOT value=currentUser/my/angela,cdcff4a6d29f3f3b9fc63cd76cffe6c2103363a5

Please note tha cert name (angela) is case snsitive.

Q2. Certificate shouldn't be HA because it's personal certificate that you should use with your card and HA certificates are intended for company use.

Regarding your problem, I faced simular issue and found workaround to set "AnonymousForCertificate" binding security option instead of "MutualCertificate". The problem with "MutualCertificate" option is that STS needs to authenticate your (ie. angela) certificate and I didn't find any documentation on how to do that.  



Srdjan
srdjan.bozovic

Hmmm.

What was the output of CardWriter?. It should tell you if it finds the certificate.

if you use the currentuser/my/angela format, you don't specify the certificate hash.

And no, you don't need an HA certificate for the smartcard (HA certificates aren't even availible yet).

The CardWriter is a bit loose with what it expects for the value (look at the code that digs it out):

if
Garrett Serack - MSFT

Thanks bozovic and Garrett for your invaluable insights.

Appreciated,

Ronghwa

Ronghwa
reply 4

You can use google to search for other answers

 

More Articles

• Problem after creating Managed Card
• Why not call it "Windows Identity Foundation"?
• July CTP WCF\Cardspace samples problems - ServiceChannel in Fault...
• New Sample: Decrypting a CardSpace Security Token
• Manage Card Creator error
• CardSpace Identity Versioning
• Sample Simple-STS for RC1+: There must be exactly one certificate
• Optional claims - how to obtain them from browser?
• Error installing Introduction to CardSpace sample app
• Token through to Page.User
Welcome to Bokebb   New Update   Joins the collection  
 

New Articles

• WS-protocols
• Token through to Page.User
• CardSpace in P2P
• July CTP Cardspace problems - Cannot run
• Why not call it "Windows Identity F
• issuedTokenAuthentication\knownCerticate
• Privacy Policy Schema
• New Sample: Decrypting a CardSpace Secur
• Could not load type 'Microsoft.ServiceMo
• DIY information cards - Issue with envel
• MutualCertificate and PPID
• RC1 STS sample posted
• TokenHelper depends on NetFx 3.0
• Submitting bugs on RC1 CardSpace bits?
• SSL Problem

Hot Articles

• New Sample: Simple STS
• unrecognized element in import of manage
• New Sample: Decrypting a CardSpace Secur
• CardSpace Transport Limitations
• Additional data from RP to IP/STS
• Using CardSpace in public places?
• Card Space with X509 Certificate
• validation failure when importing manage
• Using the Simple STS - Managed Card
• No show on samples
• Resolving HTTPS MEX Endpoint Problem
• issuedTokenAuthentication\knownCerticate
• Token through to Page.User
• Location of data in Self-issued card
• Submitting bugs on RC1 CardSpace bits?

Recommend Articles

• CardSpace encryption key
• Claims aren't static
• unrecognized element in import of manage
• Infocard problem on Windows Vista
• PingTrust
• Security problem about the certificate
• TokenHelper depends on NetFx 3.0
• Required certificates
• CardSpace Identity Versioning
• Problem in STS Communication
• Questions on managing a large number of
• Vista is not updating the time from the
• Indigo STS Implementation
• WCS .NET 3 June CTP and IE7
• MutualCertificate and PPID
index |  sitemap         Powered by xichy{at}163.com