SecureLogin prompts for the passphrase when authenticating with a smartcard

Document ID:7017246
Creation Date:10-Feb-2016
Modified Date:10-Feb-2016
- Micro Focus Products:
  SecureLogin

Environment

NSL 8.0.2.1 in AD mode

Middleware ActivClient 7.0.2.403

Windows 7 workstations

Situation

SecureLogin prompts user for passphrase when using smartcard to login.

Passphrase is requested every time users authenticate through a smartcard.

Problem does not occur when authenticating with a username and password.

Resolution

Apply NSL8.1 or newer AND set the "NonRepudiationKeyCSP" registry key to "Microsoft Base Smart Card Crypto Provider" as follows:

[HKEY_LOCAL_MACHINE\Software\Protocom\SecureLogin\Security]
NonRepudiationKeyCSP
Type : STRING
Value: Microsoft Base Smart Card Crypto Provider

Additional Information

The following registry settings may also be necessary:

[HKEY_LOCAL_MACHINE\SOFTWARE\Protocom\SecureLogin]
UseSigningCertificate
type: DWORD
value : 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Protocom\SecureLogin]
ForceHKLMandNoDPAPI
Type : DWORD
Value : 1

For older versions of ActivClient set the NonRepudiationKeyCSP registry key to "ActivClient Cryptographic Service Provider"

[HKEY_LOCAL_MACHINE\Software\Protocom\SecureLogin\Security]
NonRepudiationKeyCSP
Type : STRING
Value: ActivClient Cryptographic Service Provider