Test the PKI smart card configuration

When do you test the PKI smart card configuration

You can check the validity of an inserted PKI smart card after you configured the PRISMAsync PKI smart card options.

Test the PKI smart card configuration

1. Connect the reader to a free USB port at the back side of PRISMAsync Print Server.

2. Open the Settings Editor and go to: [Configuration]  → [Users] .

   [Users] tab

3. Click [Configure PKI smart cards].

   [Users] menu

4. In the [Test smart cards] section, click [Start the search].

   Test smart cards

5. Use the [Select card reader] drop-down list to select the attached reader.

   Test smart cards

   The [Card status] field shows the status of the smart card:

   • [Readable]: PRISMAsync Print Server can read the smart card.

   • [Unreadable]: PRISMAsync Print Server cannot read the smart card.

   • [No smart card found]: there is no smart card in the reader.

   The [Card name] and [Card ATR] fields show the details of the inserted smart card.

6. Use the [Select smart card certificate] drop-down list to select the smart card certificate.

   Test smart cards

7. The following information is retrieved:

   • [Type of smart card certificate]: type of certificate ([Identity certificate], [Intermediate certificate], or [Root certificate] )

   • [Subject alternative names in smart card certificate]: fields that refer to the user names.

   • [Smart card certificate issued by]: issuer.

   • [Smart card certificate valid from]: start of validity period.

   • [Smart card certificate valid to]: end of validity period.

   • [Purpose of smart card certificate]: purpose of certificate.

8. The test results also show if the private key is available ([Private key is available] ) and if the smart card certificate is valid ([Smart card certificate chain is valid] ).

9. When the test reveals any problems within the certificate chain, then the problems are displayed in the [Found problems in smart card certificate chain] field.

10. To examine which chain certificate causes the problem, you can use the [Select certificate of smart card certificate chain] option to select the type of certificate you want to check.

    Test smart cards

11. Enter the PIN or password in the [PIN or password to check smart card] field.

    Test smart cards

12. Click [Start the test].

    The authentication process is starting.

    NOTE

    Be aware that smart cards can be blocked after a certain number of not succeeded PIN or password attempts.

13. When the credentials are valid, the test results show: [Succeeded].

    When the test reveals any authentication problems, they are specified.

14. The following information is retrieved.

    [Found username]: found username

    [Found user group or groups]: found type of user group.

    [Found local user group]: found name of local user group.

    Test smart cards

15. Click [OK].

More information

• Learn about PKI smart card usage

• Learn about authentication of PKI smart cards

• Create user group for smart card users from unknown domain

• Configure the use of PKI smart cards