2

I am working with Net.Pkcs11Interop.HighLevelAPI.Pkcs11 to get my epass2003 smart card token details. My code is working fine on localhost; after running I am getting all token information, but whenever I publish my code on my demo server and run the website on my machine my code does not detect my smartcard USB token.

Peter Mortensen
  • 30,738
  • 21
  • 105
  • 131
Prabhakar
  • 55
  • 9
  • See my [older answer](https://stackoverflow.com/a/40114688/3325704) to similar question. – jariq Aug 05 '18 at 18:07
  • @jariq i Chang IIS application pool identity to LocalService but its not working for me. Exception are still here. can i show my code – Prabhakar Aug 06 '18 at 07:21
  • 1
    When you deploy your web application to IIS then .NET part of its code is executed on the server side and it naturally sees only smartcards connected directly to that server. If you want to access smartcards connected to the client computer you will need to execute code on the client side. This can be achieved with ActiveX component or some similar technology. – jariq Aug 06 '18 at 20:13
  • thanks @jariq for reply.please suggest me with best example for my requirement by ActiveX component in asp.net c# (Visual Studio 2013) – Prabhakar Aug 07 '18 at 06:24
  • 1
    I had the same problem. The only solution to solve this issue is to implement local service that response to http/https requests. – Alexander Oct 01 '18 at 11:58
  • you can use a self-host application in the client system and can call HTTP request from javascript – Prashanth Feb 20 '19 at 07:51
  • @Prabhakar, did you resolved this requirement or still you are looking for a solution? – Bharat Vasant May 18 '19 at 00:34
  • @BharatVasant no currently i have not get any solution for this problem – Prabhakar May 21 '19 at 12:58

1 Answers1

0

The problem turned out to be that the IIS does some sort of isolation to the application. Even if you change the user in the Application Pool, you won't be able to access the current user certificate store, so any digital signature will not work.

Even if the problems above are solved, if you require a pin prompt, I don't think the IIS will show it.

IIS is not suitable for this sort of application, an alternative I found is Kestrel server.

I also use ePass2003, and the solution I mentioned worked in Windows 10, and Windows Server 2019, but not Windows Server 2008; it was a pin prompt problem.

I use a couple of tokens simultaneously, and they work fine. But only on a physical machine, it doesn't see more than one token on a virtual machine.

Ahmed Hesham
  • 64
  • 3