The setup for PKI and smart cards is the most involved out all of the authentication methods. This setup and configuration requires an Active Directory Certificate Services Certification Authority (CA) if you do not already have one installed in your environment, and can also use a Sub-CA (usually best practice).
Overview
- Active Directory Service Account Setup
- Certificate Template Setup
- IIS Configuration for PKI
- Set up Smart Card Default Key
- Create A Smart Card Certificate Set
- Create A Smart Card Authentication Set
- Install smart card middleware to server and client(s). The middleware will be unique to the card and should be found on the manufacturer's website.