Smart card certificate number


We use Gemalto ID smart cards first .net to open a session in our office systems and use the same to work from home, connecting via Citrix Online site.

Lenovo laptop at home is able to install the card reader and the smart card. A copy of the certificate of the smart card is copied to the Windows 8.1 point certmgr. However, when you access our website, IE does not read the certificate.

Our website accepts the connection via IE, Chrome and Firefox. All 3 browsers are unable to read the certificate and there is no prompt to choose the certificate also.

This has been noted on all laptops Lenovo only. No problem when using other brands with the same operating system.

Details of the laptop

Model tested: Lenovo Z50-70

OS: windows 8.1

Used browsers: IE 11, Chrome and Firefox (latest versions)

Smart Card: Gemalto IDEPrime .net card

Only issue with different models of Lenovo laptops. Other brands with the same operating system and browsers works fine.

Let me know if you need more details

Thank you


I reset my computer to factory settings and found the culprit.


Remove this program and your browser must Access your certificates with no problems.


Tags: Lenovo Products

Similar Questions

  • Authentication card smart - authentication certificate user

    I am developing an authentication solution for BlackBerry based on cryptographic SIM cards. I managed to create a pilot smart card reader and a driver of smart card using the RIM Crypto API. The use of these two, I'm able to import a
    certificate stored on the SIM card, enable the authentication of users in two phases that checks the password device and the STEM to the certificate. I can also set up a TLS session using private keys and certificates stored on the card.

    However, when you try to activate the "Authentication certificate" option in the password options panel, I encounter a problem. After selection of the certificate and click on save, the device asks me to enter the password device and the PIN smart card, what I'm doing. Debugging tells me, that the PIN is properly checked with the card. Subsequently, a 'Card access smart' popup appears with information that the 'Options' of RIM application attempts to access the card with the information "the private key will be used to initialize authentication certificate". When I enter PIN code OK, I said: 'failed to initialize authentication certificate. Check that the certificate is not on the smart card used for two-factor authentication. »

    Can someone tell me why this is? Must the certificate be special in some way (content, restriction of the use of the key etc.)? The certificate is obviously present on the map, as there is for example a client certificate for TLS sessions setting. Also, what makes this "initialization" all of the average of certificate?

    Well, I think I'll answer myself that I managed to solve this problem

    After some debugging I realized that:

    • After the second PIN prompt appears, the method of signRSA (net.rim.device.api.crypto.RSACryptoSystem, net.rim.device.api.crypto.CryptoTokenPrivateKeyData, byte [], byte [], int, int, java.lang.Object) in our RSACryptoToken extension is called
    • This method gets a context (last parameter) object, which is a SmartCardSession
    • during the processing of the request of sign (cf. the smart card and examples of smart card of RIM drive) must not create an another smart card session, but instead reuse the provided in the framework.

    Trying to establish a new session of chip due to the demand to block, because the sessions are exclusive, i.e. only can be opened simultaneously.

  • VMview4 clientauthentication via certificate without smart card

    Hello world

    is it possible (and if so how) to configure ssl in the way that only customers who have a certificate can connect to vmview?

    The certificate must be issued by a CA Windows. The broker for connections is already operating with a certificate issued by the ca of th.

    Thank you


    Certificates installed locally (with extended key usage the Client authentication) can be used for authentication on the view connection server.  So to do what you ask, you must configure the authentication of smart card on the view connection server (see the Administrator's guide) and assign required and then just not to distribute cards to chip to users.  However, users would not get, single-sign - on because there is no smart card to be redirected to the remote desktop.

  • The Authentucated smart card user session is stopped airtight when the card is removed, regardless of httpd SSLSessionCacheTimeout (default 300) setting. Why?

    I installed safety device in the option tab / advanced ff. Then using smart cards to connect to my server. The smart card user is authenticated and secure connection goes smoothly. When the card is removed from the card reader, the connection is immediately interrupted, regardless the SSLSessionCacheTimeout settings. Mine is set to 300.

    I did the same thing with IE, it maintains the connection until the expiry of the SSLSessionCacheTimeout.

    It is characteristic of FF-specific-designed? Or do I FF browser-specific sth keep my secure connection based on the parameter SSLSessionCacheTimeout?

    Thank you

    Hey SecureDevPaty,

    I wonder if you have installed a cert in the side server or client-side.

    I'm not an expert in the present, but these are the references that I found. I * think * after reading this session LAA there is a feature of ssl in the about: config page. If you are looking for ssl, look at the features of trading. who, after having reread the thread we already did.

    I started to read more about the rules of ssl

    and a few rfcs. My question is, the rule for timeout, is this set on the server? with a specific rule in the cert? If it is a basis of cert, I would ask

  • KB931125 Rompt Web server authentication by smart card...

    Windows 2008 Enterprise SP2 IIS7

    The Web site is authenticated against AD with smart card.  Works great... until KB931125 is installed.  As soon as this update of root certificate is installed, all customers get 403.7 error.  I'm going back the VM to the snapshot before KB931125 was installed and everything works well again.  It don't seem to be a way to delete/cancel the damage inflicted by this update of root certificate.

    I found this post: and cleaned on the certificates, but it is not always correct it.

    Please notify.

    It turns out that I'm not a not delete simply not enough of the root certificates.  It works now after the removal of about 1/2 of them.

  • Smart Card Logon test is a failure

    Hello, we are test user log-ins via the authentication by smart card on a closed network and we have had no success in connecting with our cards to chip on test stations.  We received an external domain domain controller certificates, as well as two root CA certificates and two intermediate certificates.  The workstations to output an error: "the system could not log.  "You cannot use a smart card to log smart card log on is not supported for your user account (Windows 7)" or "the system could not log.  The authentication server you reported and error (0xC00000BB).  You can find more information in the event log.  Report this error to the administrator of the system (Windows XP)".  There is no error useful to examine logs of the events of the workstation.

    On domain controllers, the following errors appear in the system log:

    EVENT ID: 19 Source: Kerberos-Key-Distribution-Center, this event indicates an attempt was made to use smart card logon, but the KDC is unable to use the PKINIT protocol because it lacks an appropriate certificate

    EVENT ID: 29 Source: Kerberos Key Distribution Center The Key Distribution Center (KDC) could not find a suitable to be used for smart card logon, or the KDC certificate could not be verified.  Smart card logon may not work correctly if this problem is not resolved.  To correct this problem, check the existing KDC certificate by using certutil.exe, or sign up for a new KDC certificate.

    Here is the question I have checked/verified so far:

    (1) open ther Certificates.mmc a snap-in and verified software component (under the computer account) the certificate domain controller is located in the 'Personal' certificates, the root CA certificates are located in the "certificate authorities roots of trust", and the intermediaries/subordinate certificates are found with intermediate "CAS" folders

    (2) the insured and default domain policy change certificates have been imported into their respective folders as well.  A ran a gpupdate/force on my workstation to test and verified that the policy works and certificates have been loaded.

    (3) Ran certutil - store-Enterprise NTAuth and verified certificates have been published.

    (4) copied the cert DC to my workstation and ran the following command prompt: certutil - verify - URLFetch DC.cer

    The current result is:

    Element.dwInfoStatus = CERT_TRUST_HAS_KEY_MATCH_ISSUER (0 x 2)

    Element.dwInfoStatus = CERT_TRUST_HAS_PREFERRED_ISSUER (0x100)

    Element.dwErrorStatus = CERT_TRUST_REVOCATION_STATUS_UNKNOWN (0x40)

    Element.dwErrorStatus = CERT_TRUST_IS_OFFLINE_REVOCATION (0x10000000)

    -----------------------------------Certificate AIA---------------------------------------

    319.1654.0: 0x800072efd (WIN32: 12029): http://URL

    Has no time "AIA": 0

    Error recovery URL: error 0.80072efd (WIN32: 12029)


    -----------------------------------Certificate CDP---------------------------------------

    Same message as above for AIA

    ERROR: Verify revocation of certificate revocation function returned sheet status could not check revocation because the revocation server was offline.  0 x 80092013 (-2146885613)

    CertUtil: The revocation function could not check revocation because the revocation server was offline

    (5) copied my user on the domain controller certificate and again ran the following command against it: certutil - verify - URLFetch usercert.cer

    (6) from my normal user account, I am able to verify that the CDP URL are correct and that it can download revocation lists.

    I hope I have provided enough detail.  My colleagues and I are confused as to what is to prevent revocation checks and out to the CDP URLS that are valid, ultimately preventing us to connect with our cards smart.  Has anyone ever encountered this problem?  Your help is appreciated in advance.

    You question may be better resolved if you post on the IT Pro Forum:

    J W Stuart:

  • Can I sign a document with my digital signature using professionals DC smart card?

    Can I sign a document with my digital signature using professionals DC smart card?

    You mean certificate on your smart card, right of signature? If the certificate on your smart card is designed to sign then the answer is "Yes, you can. CA that issued a certificate place some fields that can restrict its use, say, as well as encryption, only signature or authentication of the server only, etc. The certificate on your smart card doesn't have to be no restrictions to use incompatible with signature for you to be able to sign with her. You can simply try to connect your smart card and watch if Acrobat accepts the certificate for the signature.

  • VMWare View fails with windows 7 ultimate 64 bit and smart card

    I have two PC's are both 64-bit Windows 7 Ultimate machines.  My laptop connects to my work PC, but my office will not.  He is aware of my smart card, but when I try and connect it fails saying "failed to connect to server to connect to view. Smart card or certificate authentication is required. "Anyone else had a problem like this?

    See for more information on this problem.  Let me know if you have any questions.

  • Generate public and private keys within the smart card

    Hi all

    I use this code to generate public and private keys within the smart card.

    KeyPair kp = new pair of keys (KeyPair.ALG_RSA_CRT, KeyBuilder.LENGTH_RSA_512);
    kp.genKeyPair ();
    PrivateKey prikey = kp.getPrivate ();
    PublicKey pubkey = kp.getPublic ();

    This code runs without error.

    I need to obtain the public key of the smart card. So I need to get the public key to a byte array.
    But I can't get these keys in array of bytes of plain text.

    The methods I can get for pubkey object are

    pubkey.clearKey ();
    pubkey. Equals (obj);
    pubkey.getSize ();
    pubkey.getType ();
    pubkey.isInitialized (); only these.

    I use
    Eclipse Version: 3.4.1 (level of agreement of the compiler = 1.4)
    Jcop plugin (to connect with the real map and to test the java code in virtual card provided by JCOP)
    OmniKey5321 (characters without contact) card reader

    What is the reason to get those above methods pubkey object? Is it a version problem?
    How can I get the public key in ordinary byte array? Is this possible?
    If it is not possible, is there a way to get the public key as a certificate of export or something another solution?

    If my script is not a possible strategy, how can I use private public keys to send the applet-specific data? Is there a better way to do it?

    Published by: 863766 on June 6, 2011 12:16 AM
    RSAPublicKey pubkey = kp.getPublic();


    pubkey.getExponent(...); pubkey.getModulus(...);
  • Remote graphics software: Support for smart card for the RGS

    Hello community!

    Read the manual of RGS 7.2, the section on smart card authentication implies that the functionality is restricted to the receivers of Windows. Should the sender also be a Windows system? For example, you could use a receiver of Windows with a smart card reader to transmit this information to a sender of Linux supported?

    Thank you!

    Smart cards are not supported on shippers Linux at this time.

  • Re: Satellite A200 PSAE6E: cannot install Flash Cards - serial number incorrect




    Post edited by: niijosh


    In most cases, the invalid serial number error message occurs if you try to install a utility that has been created for this series of portable.
    You should check if you have downloaded the right tool.

    But a question; You use the version of BIOS in Vista?
    At that time European Toshiba page driver provides the Win Vista BIOS 2.60.
    Please check this!

    Also before that you would try to install Flash cards, you must install the VAP. Value added package contains tools needed and it should be installed first before installing Flash cards.

    Good bye

  • Tecra Z50 - A - 18 d - smart card reader does not work

    My Tecra O2Micro OZ776 chip card reader sees the cards.
    Device Manager reports "the device is working properly" and the latest version ( of the drivers are installed.
    If a card is inserted or no, running "certutil.exe - scinfo" at a prompt gives:
    - - - - - -
    The Microsoft Smart Card Resource Manager is running.
    Current reader/card status:
    Readers: 1
    0: O2Micro CCID SC Reader 0
    -Player: O2Micro CCID SC Reader 0
    -Status: not card.

    ================================================== =====
    Card in the reader analysis: O2Micro CCID SC Reader 0


    CertUtil:-SCInfo command completed successfully.
    - - - - - -
    I tried a variety of different card chipped and none of them even register as present in the drive.
    Does anyone have an idea what is happening here? Is there any sort of software adapted to this situation?

    Ah... never mind, the old trick of powercycle fixed the problem...

  • Want to 700-021eo. : 15-one smart card reader will not work or show after upgrade to Win10

    15-one smart card reader worked fine under WIN 8.1 but after that upgrade to Win10 it does not appear in the list of devices. I have tried to find drivers but don't know if it's a unit of HP or Realtek or whatever. Any suggestions?

    Kind regards


    Hello @Eyka,

    Welcome to the Forums of HP Support! It's a good place to find the help you need, so many other users, the HP experts and other members of the support staff.

    I understand that you have a problem with the smart card reader and wanted to help you!  I see that this problem started after the upgrade of OS Windows 10.

    It seems that there are no Windows 10 drivers available for your product on the HP site.  It seems that Windows 10 drivers can be pushed through Windows Update.  Alternatively, you can try to check this site as well:

    HP products - where to find Windows 10 drivers and software for my model?

    If you have problems to install the drivers, you can use the tool on the following site:

    Open the Windows Update troubleshooting tool

    It is possible that the drivers are not available for your product.  If this is the case, or the drivers you found do not work, try to use the solutions on this site to work around the problem and let me know how it goes: how: install and update drivers in Windows 10

    Please let me know if this information helps you solve the problem by marking this message as 'accept as Solution', this will help others easily find the information they seek.  In addition, by clicking on the Thumbs up below is a great way to say thank you!

    Have a great weekend!

  • Tecra A10 - rest unknown smart card


    I have Tecra A10 - 19 f, PTSB1E
    I use windows 7 x 64 Ent
    Install the following package,, but the pilot remains unknown smart card.

    Can someone help me?

    Thank you

    You have installed the driver properly?
    Unzip the driver downloaded in an empty folder. Go ahead and you will see a folder named x 64.
    Start setup.exe from there.

  • setting moet naar devising smart card. hoe doe ik dat...

    installation e.dentefire 'Aggro' bank account fails note of Pentecost: automatick smart card settings. How to do that.

    (if possible in Dutch)

    or call + 31 6 30216539

    This question is answered. Thank you

Maybe you are looking for

  • "Check my spelling as I type" box became unchecked everytime I start Firefox.

    When I start Firefox, the "Check my spelling as I type" is unchecked. When I check it, it remains active and the spell checker works correctly, as long as Firefox session remains open. When I close Firefox and re - start, the box is unchecked again.

  • I can both picked up an iPhone 4 and a 5 c for a new iPhone iPhone 6?

    I can well picked up two old iPhones for a new phone and get the value of Exchange combined for two phones? I have an old 5 c and a 4. I can't find an answer to this online and the apple store nearest is over an hour away.

  • Forgotten password 6 figures - what to do?

    Year 96 old friend recently got locked out its iPhone 6 more and it became invalid because he forgot his password 4 digit and tried too many times to enter. Fortunately, we had access to her iCloud account and was able to do things out there to allow

  • Error trying to active 0xC004E003 please help ;(

    Hey guys, I really need your help. I've had this copy of Windows Vista for a few years now. It worked fine before, but for some reason strange today when I booted up it asks for my product key, so I tried to get inside it, and when I did, it gave me

  • Problem using Cisco WebEx on Win 7

    I try to use Cisco WebEx to use my home computer to get the files for the school. The meeting is set up at 100%, but whenever I try to access it from my Government computer, I get a saying that an add-on has failed. I tried, but I can't find the add-