Import pfx files to your own Smart Card

If you have couple of pfx files and you need to put them manually on a smart card , maybe for small smart card deployment or to protect your KRAs .

To import keys using the Microsoft Base Smart Card Crypto Service Provider you need to performe the following steps:

  1. Modify the registry keysbelow:
    • HKLM\SOFTWARE\Microsoft\Cryptography\Defaults\Provider\Microsoft Base Smart Card Crypto Provider\AllowPrivateExchangeKeyImport=DWORD:0x1
    • HKLM\SOFTWARE\Microsoft\Cryptography\Defaults\Provider\Microsoft Base Smart Card Crypto Provider\AllowPrivateSignatureKeyImport=DWORD:0x1
  2. Use the certutil.exe tool to import the key stored in a pfx file:
    • certutil –csp “Microsoft Base Smart Card Crypto Provider” –importpfx {PFXfile}

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s