PKI: Why does a user only have 2 certificate templates?

I

IrkDesigner2013-02-15 07:02:33

Cryptography

IrkDesigner, 2013-02-15 07:02:33

Good afternoon!
A certificate authority has been deployed in the domain, and the certificates of the root and intermediate CAs have been installed in the appropriate stores.
The certification authority itself has a web interface. Signing in requires the credentials of the person who needs to generate the certificate.
When requesting a certificate - advanced certificate request - issue a certificate to this CA, I have a choice of 8 templates, and the user has only two - EFS encryption and user. The required "user with smart card" template is not in the list. The user has local administrator rights on the local PC and on the server that issues certificates. The root and intermediate CA certificates are installed.
I understand that I'm doing something wrong, and most likely the case is in the lack of rights for the user. Maybe someone faced with a similar problem - help to cope.

Reply

Answer the question

In order to leave comments, you need to log in

2 answer(s)

M

Maximus43, 2013-02-15
@IrkDesigner

OS on the domain server what?
You have problems with certificate template permissions. Check Enroll access.

K

kimssster, 2013-02-17
@kimssster

Can't you log in as an administrator with a smart card, then in the certificate issuance console, in personal select - all tasks - additionally - register on behalf of, select your enrollment certificate, specify a user name and issue a certificate to the user's smart card? It is desirable to have 2 card readers.