PIVKEY FAQ
What does PIVKey do?
PIVKey allows users to issue and manage a PIV (Personal Identity Verification)
compatible card, using the standard Windows certificate enrollment processes to
load certificates on the card.
What is the Default PIN and Admin Key?
When you first receive your PIVKey the default PIN is:
Six zeros: 000000
The default Admin Key is:
Forty-eight zeros
Why do I need to test my PIVKey first?
Before installing any software you?ll want to test your new card first. This will verify
that your PIVKey is being read and that the user PIN is set to six zeros (you will have
to enter it when prompted).
How do I test my PIVKey card?
You can test your new card without downloading any software, or doing anything
special right away. Your card comes loaded with a digital certificate issued by PIVKey
which you can use to test the card with HTTPS client certificate authentication
against our test website. To do so, insert your PIVKey smart card into your smart
card reader, or PIVKey Token into a USB slot. Open Microsoft Edge, Internet Explorer,
or Google Chrome and browse to https://www.pivkey.com/test/. You will be asked to
select or confirm your certificate, and enter the PIN ?000000?. You can confirm that
the PIVKey certificate was used by selecting the ?Certificate Info? page. For
screenshots of this process, see the article Testing a PIVKey at
pivkey.zendesk.com
Do I need Windows to load certificates onto my PIVkey
card?
Yes, PIVKey is designed to use the Microsoft Minidriver interface to load certificates
and generate keys. PIVKey works with Windows Server 2008, 2008R2, 2012, 2012R2
and 2016, and Windows versions 7, 8.0, 8.1, and 10.
See pivkey.zendesk.com for articles on Supported Card/Certificate
Management Systems and Certificate Authorities, Windows Certificate Authority set
up, and certificate management using the Microsoft Windows Certutil tool and the
PIVKey Admin Tools.
What do I need to issue smart card certificates?
To use the Microsoft Windows Certificate Authority, you?ll need:
- Microsoft Windows Server configured as a Domain Controller
- DNS server configured with the correct domain name
- Microsoft Windows Certificate Services in Enterprise mode
- An enrollment station PC joined to the domain with a smart card reader and
the PIVKey Admin Tools.
Other Card/Certificate Management Systems and Certificate Authorities can be used
if they support the use of the Windows Smart Card Base CSP. For workgroup or
standalone PCs, there are Single Sign-On applications that we can recommend to
enable smart card based logon without a domain or even a certificate authority. See
pivkey.zendesk.com for articles on each of these options.
What if I?m using Linux?
To use PIVKey on Linux systems requires the installation of PIV Middleware (and
CCID support if using PIVkey USB tokens). There is a wide variety of commercial
middleware packages available for PIV on Linux. In addition, there is an open source
package called OpenSC that supports PIV. OpenSC provides some tools, and most
importantly a PKCS11 library, that allows PIV cards to be used by applications like
Firefox and SSH. Please note that OpenSC supports PIVKey (and other PIV cards) in
Read Only mode. You cannot use OpenSC to write certificates to the card, only to
read and use certificates. See articles on pivkey.zendesk.com for more on
OpenSC Middleware and PIVKey on Linux.
What if I?m using the Firefox browser?
Firefox Browser requires an additional PKCS11 component that supports the PIV interface.
OpenSC is an open source package that can do so.
Where do I get the software?
The PIVKey Admin Installer is required to manage the PIVKey: to load certificates, to
map certificates to the PIV certificate slots, to unblock the user PIN, etc. It should be
installed on an Admin enrollment station or on a central server.
If the client machines have a PIV interface, no PIVKey software is required on those
machines as long as the certificates are mapped to the PIV certificate slots. For
example, the standard in box Microsoft Windows smart card minidriver will be able
to recognize and utilize certificates that are mapped to the PIV slots.
The PIVKey User Installer places the PIVKey Minidriver on Windows client machines.
One example when this would be necessary: if there are more than 4 certificates on
a PIVKey (there are only 4 PIV slots available for mapping). With the PIVKey
Minidriver installed, all certificates on the PIVKey would be recognized and available
for use. In addition, PIVKey User Install allows certificates to be loaded to the
PIVKey.
See the DOWNLOADS section on pivkey.zendesk.com for both installers.
Happy with your PIVKey? We want to know!
Please leave us a review at:
https://www.amazon.com/review/create-review
If you?re not happy for any reason please reach out to us directly. We want you to be
completely satisfied with your purchase and we sincerely appreciate your business!
More Questions?
If you have more questions, don?t be shy. We are here to help. You can learn more
on our support page at www.pivkey.zendesk.com, or send us a support ticket.
-
1
-
2
-
3
w innych językach
- English: Taglio PK-C910 User guide
Inne dokumenty
-
Dell Precision 3450 Small Form Factor Instrukcja obsługi
-
Dell Precision 3440 Small Form Factor Skrócona instrukcja obsługi
-
HP EliteBook 2740p Base Model Tablet PC Instrukcja obsługi
-
Dell Latitude 5400 Instrukcja obsługi
-
-
Dell Latitude 5500 Instrukcja obsługi
-
Dell Latitude 5411 Instrukcja obsługi
-
Dell Precision 3430 Small Form Factor Instrukcja obsługi
-
Dell Latitude 5511 Skrócona instrukcja obsługi
-
Hasbro Crocodile Chomp Instrukcja obsługi