Yubico Forum
https://forum.yubico.com/

BitLocker in Windows 10 doesn't allow to choose smart card
https://forum.yubico.com/viewtopic.php?f=35&t=2563

Author:  grunai [ Thu Feb 09, 2017 1:28 pm ]
Post subject:  BitLocker in Windows 10 doesn't allow to choose smart card

Hi!

I am trying to set up disk encryption in Windows 10 Pro using BitLocker and a self-signed X.509 certificate.
To achieve that I was following this tutorial: http://www.securearchitectures.com/2015 ... rd-to.html . I had set SelfSignedCertificates to 1 in the registry and allowed running BitLocker without a TPM. I also shared the certificate as instructed in https://technet.microsoft.com/en-us/lib ... 30(v=ws.10).aspx .

Unfortunately, when I try to enable encryption I am not offered the SmartCard option -- only password and USB keyfile.

Can anyone tell me what I am missing?

Best regards,
grunai.

Author:  byenilmez [ Sun Feb 12, 2017 7:11 pm ]
Post subject:  Re: BitLocker in Windows 10 doesn't allow to choose smart ca

Hi,

I've used the same tutorial. You may not have noticed, but there is a typo in this line:

Quote:
Sign the certificate with the internal CA
.\openssl.exe x509 -req -days 36500 -sha512 -in 'C:\Users\dlohin\Documents\bit\bitlockercsr.pem' -CA C:\Users\dlohin\Documents\bit\cacert.pem -CAkey C:\Users\dlohin\Documents\bit\cakey.pem -CAcreateserial -out C:\Users\dlohin\Documents\bit\bitlockercer.pub


The default days should be 365000 not 36500.

If that still doesn't fix it, share your openssl.cnf file, in case you've modified it.

Regards,

Bekir

Author:  grunai [ Mon Feb 13, 2017 8:54 pm ]
Post subject:  Re: BitLocker in Windows 10 doesn't allow to choose smart ca

Thank you for your response.

I had to use a smaller value for the availability period because of the year 2038 bug in openssl.
Here is my openssl.cnf file: http://pastebin.com/2WiCEuBD

I appreciate your help.

Best regards,
grunai.

All times are UTC + 1 hour