

These instructions include steps for a basic configuration. IMPORTANT: The installation should be performed by an experienced system administrator. NOTE: If a Certification Authority already exists in your environment, skip this chapter and proceed to YubiKey Minidriver Installation. These steps assume an Active Directory environment is already stood up and configured. This chapter covers the basic configuration for setting up a new Certification Authority (CA) to a Windows Server (2016 and above). In order to utilize the Smart Card functions in a Windows environment using the YubiKey Minidriver, a Certification Authority (CA) must first be stood up. Protecting Microsoft Cloud Environment with a YubiKeyĬonfiguring a Certification Authority (CA) for Smart Card Authentication.


Adding an Enterprise Root Certificate to the YubiKey.Working with Enterprise Root Certificates.Adding a Key to the Windows Registry to Delay the Smart Card Removal Policy Service.Editing Group Policy to Lock the User's Workstation when a Smart Card is Removed.Changing the Behavior for Your Domain When You Remove the Smart Card.Adding ECC Through a Group Policy Object.Adding Support for Elliptic Curve Cryptography (ECC) Certificate Login.Configuring a Certification Authority (CA) for Smart Card Authentication.Previous: YubiKey Smart Card Deployment Considerations Main Page: YubiKey Smart Card Deployment Guide
