Page tree

Are you looking for the latest documentation for the current versions of Nexus' products?


Skip to end of metadata
Go to start of metadata

When a virtual smart card is provisioned with the relevant certificates, it can be used by Microsoft Base Smart Card Cryptographic Service Provider (BaseCSP) for most Windows-related use cases, such as these: 

  • Windows logon, logging in to a PC or laptop
  • TLS client cert authentication in Microsoft Edge
  • Remote access using VPN or direct access
  • Native app integration through MS crypto APIs CAPI or CNG
  • Secure email using S/MIME
  • Integration of PKCS#11 clients towards the virtual smart card, for example Firefox. This use case requires the PKCS#11 package, see 1.1 - Install and upgrade Personal Desktop App.

The following use cases only depend on Windows functionality and proper certificate configuration, independent of Personal Desktop App:

  • Document protection by signing or encryption
  • BitLocker drive encryption for data volumes

To get started with these use cases, a virtual smart card must first be created, see 1.1 - Create virtual smart card, and provisioned, see Issue virtual smart cards