Setting a Certificate as Default or Auxiliary

If there are multiple certificates on the token, you can determine which one is set as Default and which is set as Auxiliary.

Each option is enabled only if the action can be performed on that particular certificate or key.

The following table describes the use of these settings:

Setting

Description

Scenario

Default

Smart card logon uses the certificate defined as the Default.

In most Microsoft applications, smart card logon is used.

Your token contains two certificates. One is for logon to domain A and the other for logon to domain B. Your previous logon was to domain A, which means that the certificate for logon to domain A is now the Default. If you now log on to domain B from another computer, the logon fails as it tries to use the domain A certificate. If you first set the domain B certificate as Default, the logon uses the correct certificate, and the logon succeeds.

Auxiliary

Some applications use Client Authentication and not smart card logon. Client Authentication provides access to fewer system resources than smart card logon.

SafeNet Authentication Client enables a Client Authentication logon process for these applications, such as VPN.

If more than one certificate on the token includes Client Authentication as an Intended Purpose, define which certificate to use by setting it as the Auxiliary.

Your token contains a certificate intended for VPN connection, but there is another certificate that also includes Client Authentication as its Intended Purpose. The certificate for the VPN connection must be set as Auxiliary, to ensure that it is used as the default for VPN logon.

 

NOTE

iKey does not support Auxiliary certificates. It treats an Auxiliary certificate as a Default certificate.

To set a certificate as Default or Auxiliary:

1         Open SafeNet Authentication Client Tools Advanced View.
See Opening the Advanced View

2         In the left pane, expand the node of the required token, and right-click the required certificate.

3         From the shortcut menu, select Set as Default or Set as Auxiliary.

The Token Logon window opens.

Token_Logon00024.png 

4         Enter the Token Password, and click OK.

The certificate is set as Default or Auxiliary.

 

 

SafeNet Authentication Client

© Copyright 2013 SafeNet Inc. All rights reserved.