A token or smart card can be used for authentication when accessing encrypted hard drives. To do so, you must add the file of a token or smart card electronic certificate to the command for creating an Authentication Agent account.
Use of a token or smart card is available only if the computer hard drives were encrypted using the AES256 encryption algorithm. If the computer hard drives were encrypted using the AES56 encryption algorithm, addition of the electronic certificate file to the command will be denied.
To add the file of a token or smart card electronic certificate to the command for creating an Authentication Agent account, you must first save the file using third-party software for managing certificates.
The token or smart-card certificate must have the following properties:
If the electronic certificate of the token or smart card does not meet this requirement, the Management Plug-in does not load the file of this certificate into the command for creating an Authentication Agent account and displays an error message.
KeyUsage parameter that defines the purpose of the certificate must have the value keyEncipherment or dataEncipherment.If the electronic certificate of the token or smart card does not meet this requirement, the Management Plug-in loads the file of this certificate into the command for creating an Authentication Agent account and displays a warning message.
If the electronic certificate of the token or smart card does not meet this requirement, the Management Plug-in does not load the file of this certificate into the command for creating an Authentication Agent account and displays an error message.