IBM Security Access Manager for Enterprise Single Sign-On, Version 8.2

Adding a registry key for the DNIe smart card middleware

After unregistering the DNIe certificate store, add a registry key for the DNIe smart card middleware. You must also create policies for certificate protection, exclusive access, and RSA encryption.

Procedure

  1. On your Windows desktop, click Start > Run.
  2. In the Open field, enter regedit and click OK.
  3. Create a smart card key.
    1. Select HKEY_LOCAL_MACHINE\SOFTWARE\IBM\SOCIAccess\.
    2. Right-click and select New > Key.
    3. Enter SmartCard.
    4. Click OK
  4. Create a AutoDetectCardMiddlewareEnabled policy.
    1. Select HKEY_LOCAL_MACHINE\SOFTWARE\IBM\SOCIAccess\SmartCard\.
    2. Right-click and select New > DWORD Value.
    3. Enter AutoDetectCardMiddlewareEnabled.
    4. Right-click AutoDetectCardMiddlewareEnabled and select Modify.
    5. In the Value data field, specify 0.
    6. Click OK.
  5. Create an IBM® smart card middleware key.
    1. Select HKEY_LOCAL_MACHINE\SOFTWARE\IBM\SOCIAccess\SmartCard\.
    2. Right-click and select New > Key.
    3. Enter Middleware.
    4. Click OK.
    5. Select HKEY_LOCAL_MACHINE\SOFTWARE\IBM\SOCIAccess\SmartCard\Middleware\.
    6. Right-click and select New > Key.
    7. Enter IBM.
    8. Click OK.
  6. Set the Cryptographic Service Provider name.
    1. Select HKEY_LOCAL_MACHINE\SOFTWARE\IBM\SOCIAccess\SmartCard\Middleware\IBM\.
    2. Right-click and select New > String Value.
    3. Enter CSPName.
    4. Right-click CSPName and select Modify.
    5. In the Value data field, specify IBM PKCS11 CSP.
    6. Click OK.
  7. Create a CertProtectedByPIN policy.
    1. Select HKEY_LOCAL_MACHINE\SOFTWARE\IBM\SOCIAccess\SmartCard\Middleware\IBM\.
    2. Right-click and select New > DWORD Value.
    3. Enter CertProtectedByPIN.
    4. Right-click CertProtectedByPIN and select Modify.
    5. In the Value data field, enter 1.
    6. Click OK.
  8. Create a ExclusiveAccess policy.
    1. Select HKEY_LOCAL_MACHINE\SOFTWARE\IBM\SOCIAccess\SmartCard\Middleware\IBM\.
    2. Right-click and select New > DWORD Value.
    3. Enter ExclusiveAccess.
    4. Right-click ExclusiveAccess and select Modify.
    5. In the Value data field, enter 1.
    6. Click OK.
  9. Create a RsaEncryptionEnabled policy.
    1. Select HKEY_LOCAL_MACHINE\SOFTWARE\IBM\SOCIAccess\SmartCard\Middleware\IBM\.
    2. Right-click and select New > DWORD Value.
    3. Enter RsaEncryptionEnabled.
    4. Right-click RsaEncryptionEnabled and select Modify.
    5. In the Value data field, enter 0.
    6. Click OK.
Parent topic: Setting up smart card authentication

Feedback