No valid certificates were found on this smart card

Question

I'm using Yubikey4 as my smart card with my StartCom Class 1 login certificate. My problem is: windows don't want to use this card.

Windows credential manager: "No valid certificates were found on this smart card".

Microsoft office doesn't see this card.

Windows VPN: "A certificate could not be found that can be used with this Extensible Authentication Protocol."

Keepass2 (RSA Certificate Key Provider plugin - uses windows security): "No cerficiate available. No certificates meets the application criteria." (of course tested with RSA certificate too).

My certificate details:

Key Usage: Digital Signature, Key Encipherment, Data Encipherment (b0)

Enhanced Key Usage: Client Authentication (1.3.6.1.5.5.7.3.2), Secure Email (1.3.6.1.5.5.7.3.4)

Public key parameters: ECDH_P384

From device manager:

Smart card name: "Identity Device (NIST SP 800-73 [PIV])"

Smart card reader name: "Microsoft Usbccid Smartcard Reader (WUDF)"

Is there any key usage required for smart card usage?

Answer 1

Your Device Manager indicates that you are using the Microsoft Minidriver for the smartcard. According to the Yubikey Basic Troubleshooting Guide this problem can be caused by using these minidrivers for the smartcard rather than the Yubico minidrivers.

You can install the driver following this guide: https://support.yubico.com/hc/en-us/articles/360015654560-Deploying-the-YubiKey-Minidriver-to-Workstations-and-Servers.