Caching a smart card PIN with Chromium Embedded Framework
Question
I have a service-oriented webapp that uses IIS 8.5 and client certificate authentication via smartcard. The statically served front-end calls multiple services via AJAX. The smartcards with the certificates are protected with a PIN. When using Chrome, Firefox, etc. the PIN prompt appears once and is seemingly cached for subsequent use.
However, we need to embed the webapp inside a Windows 10 .NET desktop application using cefsharp . The webapp works, but the user is requested to enter their PIN constantly, once per service is seems, and then shortly after some timeout again, for (I think) each service.
I don't know where to begin to know if it's possible to implement caching with cefsharp. From what I read this data should have been cached by Windows , but it doesn't look like this is the case or the embedded chromium is confusing the caching strategy.
Is smartcard PIN caching something that can be done with cefsharp (or IIS, or even the client's Windows machine if we must)?
1 answers
solution1
1 2020-12-02 14:47:35
With Gemalto, you need to change the sleep time for the smartcard (registry action for EACH CLIENT):
[HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Cryptography\\calais
“CardDisconnectPowerDownDelay”= dword:xxh Type: REG_DWORD Value: xx is the delay period in seconds.
In our case we have set this to 180 seconds, and works fine for us (75000 cards deployed)
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.