Issue certificates to virtual smart card
Standard workflow
| Actor | Action | Option | |
|---|---|---|---|
| 1 | Virtual smart card user | In Smart ID Self-Service: Selects Provision certificates to virtual smartcard. A predefined selection of certificates will be provisioned. By default, this includes an authentication and a signature certificate. If encryption certificates are available for recovery, a form is displayed to select certificates to be restored. Clicks Next. | - |
| 2 | Smart ID Desktop App | Starts and activates a smart card profile. | - |
| 3 | Virtual smart card user | In Smart ID Desktop App: Enters a PIN. | - |
| 4 | Smart ID Desktop App | Creates key pairs on the trusted platform module (TPM). | - |
| 5 | CA | Issues certificates. The certificate is stored in Identity Manager and on the TPM. | |
| 6 | Virtual smart card user | In Smart ID Desktop App: Confirms the new certificate. | |
| 7 | Identity Manager | Displays the virtual smart card in Credentials tab in Smart ID Self-Service. | - |
Configuration options
Change the selection of certificates:
- In Identity Manager Admin, open the process Provisioning certificate to virtual smartcard (PcmProcProvisioningCertificateToVSC).
- Edit the form Info (PcmFormSelectCertificatesForVirtualSmartcard).
- Enable or disable these certificates fields, who should be issued (Authentication, Signature or Encryption Certificate).
Technical reference
- PcmProcProvisioningCertificateToVSC