When a virtual smart card is provisioned with the relevant certificates, it can be used by Microsoft Base Smart Card Cryptographic Service Provider (BaseCSP) for most Windows-related use cases, such as these:
- Windows logon, logging in to a PC or laptop
- TLS client cert authentication in Microsoft Edge
- Remote access using VPN or direct access
- Native app integration through MS crypto APIs CAPI or CNG
- Secure email using S/MIME
- Integration of PKCS#11 clients towards the virtual smart card, for example Firefox. This use case requires the PKCS#11 package, see Install and upgrade Personal Desktop App.
The following use cases only depend on Windows functionality and proper certificate configuration, independent of Personal Desktop App:
- Document protection by signing or encryption
- BitLocker drive encryption for data volumes
To get started with these use cases, a virtual smart card must first be created, see Create virtual smart card, and provisioned, see Issue certificates to virtual smart card.