如果您的DSC令牌与Windows加密的其余部分一起作为智能卡运行,则certutil工具将有所帮助。该工具将复制证书关闭它认为任何设备是智能卡和注册私钥地址(被在智能卡):
C:\Users\jbarton>certutil -scinfo -silent
The Microsoft Smart Card Resource Manager is running.
Current reader/card status:
Readers: 1
0: Gemplus USB Smart Card Reader 0
--- Reader: Gemplus USB Smart Card Reader 0
--- Status: SCARD_STATE_PRESENT
--- Status: The card is available for use.
--- Card: Axalto Cryptoflex .NET
--- ATR:
3b 16 96 41 73 74 72 69 64 ;..Astrid
=======================================================
Analyzing card in reader: Gemplus USB Smart Card Reader 0
--------------===========================--------------
================ Certificate 0 ================
--- Reader: Gemplus USB Smart Card Reader 0
--- Card: Axalto Cryptoflex .NET
Provider = Microsoft Base Smart Card Crypto Provider
[SNIP bunch of less useful stuff]
CertContext[0][0]: dwInfoStatus=2 dwErrorStatus=1000041
Issuer: CN=Mister Issuer, DC=Authority, DC=PKI
NotBefore: 6/17/2013 4:26 PM
NotAfter: 6/17/2014 4:26 PM
Subject: CN=Jeremy Barton, OU=Users, DC=PKI
[more SNIPping]
--------------===========================--------------
使用MMC查看CurrentUser \我的店(certmgr.msc,个人 - >证书)应该在该命令后显示来自智能卡的证书。出于某种原因,我昨天在命令运行时遇到了一个案例,我在MMC中看到了它,但是一个打开X509Store
以查找新证书并使用它的工具没有找到它几秒钟(didn 2秒后不工作,但在检查电子邮件后再次尝试)。 (是的,我知道我的测试智能卡很旧,但是,是的,certutil -scinfo
复制了它,因为它仍然在智能卡上,所以它仍然对某人(我!)有用)。
而且不要忘记-silent
,否则你会得到PIN提示。很多。
.NET不知道这个DSC令牌是什么。您必须提供给'X509Store'类证书对象。 – Crypt32