- This line was added.
- This line was removed.
- Formatting was changed.
To get started with virtual smart card usage, the first step is to create a virtual smart card (VSC) on the trusted platform module (TPM).
For users with admin rights
If the user has admin rights on the PC or laptop, and not the highest User Account Control (UAC) setting, a virtual smart card is created automatically when it is provisioned , that is, when certificates are issued. or when a PKCS#12 file is imported.
Option to grant permission to create VSC
allowcreatevsc option set to
true at the installation of the Smart ID Desktop App, the administrator gives consent to VSC creation to all users. See Install and upgrade Smart ID Desktop App.
For users without admin rights
If the above is not met (admin rights and UAC setting), a virtual smart card must be created some other way, normally by the IT department using available Windows tools.
To pre-create virtual smart cards, a script could for example be executed when the user logs in, to set a default admin key and transport PIN. The key and PIN can then be automatically changed during the provisioning process.
If VSC creation is granted (see the previous section), you can create virtual smart cards as if you have admin rights.
For more information, see the documentation from Microsoft on how to Create and personalize virtual smart cards.
Next step: provisioning
For more information on provisioning of virtual smart cards in the Nexus Smart ID context, see Issue certificates to virtual smart card.