:::MENU:::

Allow ECC certificates to be used for logon and authentication

This policy setting allows you to control whether elliptic curve cryptography (ECC) certificates on a smart card can be used to log on to a domain. If you enable this policy setting ECC certificates on a smart card can be used to log on to a domain. If you disable or do not configure this policy setting ECC certificates on a smart card cannot be used to log on to a domain. Note: This policy setting only affects a user’s ability to log on to a domain. ECC certificates on a smart card that are used for other applications such as document signing are not affected by this policy setting. Note: If you use an ECDSA key to log on you must also have an associated ECDH key to permit logons when you are not connected to the network.


Additional Information

  1. Registry path is:

    HKEY_LOCAL_MACHINE -> SOFTWARE -> Policies -> Microsoft -> Windows -> SmartCardCredentialProvider # EnumerateECCCerts

  2. The Administrative Template path is:

    Windows Components -> Smart Card

Notes

* Making mistakes while changing registry values can affect your system adversely. We recommend you to create a System Restore point before making registry manipulation. If you're new to Registry Editor, read this beginner's guide.
** To locate the registry and administrative template path, checkout beginner's guide.
You're here :
Checkout Kapil Sparks™