With SafeNet Authentication Client (SAC), you can also store CA certificates on your token / smartcard.
This makes it easier to verify the certificates on your token / smart card, as well as those used in your company.
To do this, select your token / smart card (on the left) or go to the "User certificates" section (if present) and click on the "Import Certificate" icon (at the top).
Choose whether you want to import the public certificate (".cer" format) of your certification authority from the certificate store of your computer or server or from a file.
In our case, we are going to import it to our smart card from a file. So, we select "Import a certificate from a file".
Select your CA's public certificate.
In our case, we had previously exported it in ".cer" format.
Wait a few seconds while this certificate is writed on your token / smart card, then the message "Certificate was imported successfully" will appear.
Once your CA certificate is imported, a new "CA certificates" section.
If you select this "CA certificates" section, you will see the list of certification authority (CA) certificates present on your token / smart card with :
If you select this CA certificate (on the left), SafeNet Authentication Client (SAC) will show you some information about it :
If you double-click on the certificate displayed by SafeNet Authentication Client (SAC), you will see it with the usual Windows interface.
Note that as long as you store CA certificates on your token/smartcard, SafeNet Authentication Client (SAC) is configured to automatically import them into your computer's or server's certificate store when you connect your token (or that you insert your smart card into the smart card reader).
Which will cause a security warning to appear if the CA certificate is not yet part of the trusted CAs of your computer or server.
In this case, you will only have to click on "Yes" to confirm the import of this certificate into the certificate store of your computer or server.
As expected, your CA certificate is now one of the trusted CAs for the current user.
As you can see, in our case, we have 2 user certificates on our smart card :
If we look at the contents of our computer's certificate store, we can see that we also have these same certificates.
To delete a certificate from your token / smart card, select this certificate on the left and click on the 1st icon (Delete Certificate) on the right.
Warning : when you delete a certificate from your token / smartcard from SafeNet Authentication Client (SAC), the corresponding certificate present in the "Personal" certificate store of your computer or server will also be deleted transparently without SafeNet Authentication Client (SAC) notifies you.
The "This will delete the certificate. Are you sure?" warning appears.
Click OK.
The "Certificate was deleted successfully" message appears.
The deleted certificate disappears from the list of certificates of your token / smart card.
Important : as you can see, the corresponding certificate has also been transparently deleted from the "Personal" certificate store of your computer / server.
Which means you have also lost the private key associated with this certificate. Unless you have enabled certificate archiving on your certification authority (which is not the case by default). (TUTO ad-cs-agent-recup)
In the "Settings" section of the SafeNet Authentication Client, if you select the "PIN Quality" tab, you will be able to :
In the "Advanced" tab of the "Settings" section, you can configure settings concerning the properties (PIN Properties) and the validity (PIN Validity) of the PIN code for this token / smart card :
If you go to the "Settings -> Digital Signature PIN" section, you will find exactly the same settings with the same 2 tabs.
Except that this time, the purpose of the PIN code (PIN Purpose) displayed will be : Digital Signature PIN.
If you go to the "Settings -> Digital Signature PUK" section, you will find almost the same settings with the same 2 tabs.
Except this time, the purpose of the displayed PIN (PIN Purpose) will be "Unlock Only PIN" and the "PIN Validity" section will be gone.
If you go to the "Client Settings", you can again modify settings concerning the quality of passwords, as well as advanced settings.
However, in this case, the modified settings will be those of the client (SafeNet Authentication Client / SAC) and not those of your token / smart card.
In the "Password Quality" tab, you can configure :
In the "Advanced" tab, you can configure the advanced settings of this "SafeNet Authentication Client" :
If you click on the "i" icon (top right), you will be able to see the name and version of SafeNet Authentication Client, as well as the address of the official Thales (formerly Gemalto) website.
By clicking on the "?" (top right), SafeNet Authentication Client Help will appear.
As you can see, this is a manual in PDF format.
In this case, it's the "SACHelp.pdf" file found in the "C:\Program Files\SafeNet\Authentication\SAC" folder (following the installation of "SafeNet Authentication Client".
If you click on the house icon (top right), you will be able to access the official Thales website.
Windows Server 8/15/2014
Windows Server 1/5/2024
Windows Server 9/15/2023
Windows Server 9/29/2023
Pinned content
Contact
® InformatiWeb-Pro.net - InformatiWeb.net 2008-2022 - © Lionel Eppe - All rights reserved.
Total or partial reproduction of this site is prohibited and constitutes an infringement punishable by articles L.335-2 and following of the intellectual property Code.
No comment