How to reload SSL certificate from smartcard

Posted on 2010-03-25
Medium Priority
Last Modified: 2013-12-08

We use a smartcard with a certificate to access a web site using SSL/HTTPS. The problem is that we need to prevent the user from accessing the site when the key is removed.

So, is there any way to check for the certificate either in Javascript or to force IE to reask the certificate to the key? Ideally this would be without prompting for the PIN again.
Question by:Jonthemoon
  • 2
LVL 31

Expert Comment

ID: 28591969
Once the SSL session is started, there isn't really a good way of restricting that if the card is removed, if that is what you are asking.  The cert on the card is only used during session setup, once the handshake is complete the cert is out of the picture.  You would need a client component installed to monitor for card removal.

For domain workstations where you are also using the smartcard to log into the workstation, you could enable the GPO setting to either lock or log out upon card removal.

Help this helps...

Accepted Solution

Jonthemoon earned 0 total points
ID: 28592374
Ha Paranormastic,

I finally found a way using an ActiveX that we use here that allows some way of polling the card using javascript. This works fine.

Thanks for your time.
LVL 31

Expert Comment

ID: 28597728
That would be the client component method - it just had to be something outside of the SSL session.  Glad you got it working.

Featured Post

SMB Security Just Got a Layer Stronger

WatchGuard acquires Percipient Networks to extend protection to the DNS layer, further increasing the value of Total Security Suite.  Learn more about what this means for you and how you can improve your security with WatchGuard today!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
Good news! Plesk 12.5 (with update #28 and above) now includes support for HTTP/2. This is a major update to HTTP1.1, which is over 15 years old. Read below to learn how to enable HTTP/2 on your Media Temple DV with Plesk.
Google currently has a new report that is in beta and coming soon to Webmaster Tool accounts. This Micro Tutorial will highlight new features for Google Webmaster Tools.
Shows how to create a shortcut to site-search Experts Exchange using Google in the Chrome browser. This eliminates the need to type out site:experts-exchange.com whenever you want to search the site. Launch the Search Engine Menu: In chrome, via you…
Suggested Courses
Course of the Month3 days, 5 hours left to enroll

598 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question