This procedure tests the Safeguard Authentication Services for Smart Cards installation. It ensures that the library is installed correctly, the card has been initialized, there is a valid user certificate installed, and the card can be used to log into Active Directory.
To test the Safeguard Authentication Services for Smart Cards installation
- Attach a supported reader.
- Insert the initialized card.
- Run the following command.
vastool smartcard test all
If the card is configured correctly, it displays output similar to the following:
Config: ------- Checking that a PKCS#11 library is specified ... ok (Specifying PKCS#11 slot is optional) Library: -------- Testing PKCS#11 library '/usr/local/lib/libxltCk.so': Checking PKCS#11 library may be dynamically loaded ... ok Checking PKCS#11 library contains necessary symbols ... ok Checking PKCS#11 function list can be obtained ... ok Checking PKCS#11 library version is compatible ... ok Checking PKCS#11 library can be initialized ... ok Checking PKCS#11 library can be finalized ... ok Card: ----- Getting mechanisms ... ok Checking for required mechanisms ... ok Testing that card contains a user ... ok User: ----- Testing user j.doe@example.com Testing if PIN is required ... ok Enter PIN for j.doe@example.com: **** Performing login to card ... ok Generating signature ... ok Verifying signature ... ok Login: ----- Testing user j.doe@example.com Testing if PIN is required ... ok Enter PIN for j.doe@example.com: Performing login to card ... ok Creating ID for client with UPN 'j.doe@example.com' ... ok Establish initial credentials using PKCS#11 ... ok