How can I customize the Cryptographic Service Provider (Base CSP) in the Smart card subsystem architecture

只愿长相守 提交于 2020-06-17 15:46:10

问题


From microsoft documentation
In steps 6 and 7 (Kerberos SSP <-> CSP or Base CSP): In essence, it exchanges a copy of the x.509 certificate (from a smart card) in the pre-authentication data field of the request and is signed by the private key.


I wonder if there is any method to customize CSP (Cryptographic Service Provider) so that Kerberos SSP can get x.509 certificate (self-created) without using smart card? Then from Kerberos SSP send the certificate to AD (active directory).

Link Microsoft documentation:
Certificate Requirements and Enumeration: https://docs.microsoft.com/en-us/windows/security/identity-protection/smart-cards/smart-card-certificate-requirements-and-enumeration
Smart Card Architecture: https://docs.microsoft.com/en-us/windows/security/identity-protection/smart-cards/smart-card-architecture


Please let me know. Thanks in advance!

来源:https://stackoverflow.com/questions/61867671/how-can-i-customize-the-cryptographic-service-provider-base-csp-in-the-smart-c

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!