Die Microsoft Smartcard-Ressourcenverwaltung wird ausgeführt.
Aktueller Leser-/Kartenstatus:
Leser: 2
0: Broadcom Corp Contacted SmartCard 0
1: Broadcom Corp Contactless SmartCard 0
--- Leser: Broadcom Corp Contacted SmartCard 0
--- Status: SCARD_STATE_PRESENT | SCARD_STATE_UNPOWERED
--- Status: Die Smartcard kann verwendet werden.
--- Karte: cv act sc/interface MD G&D STARCOS 3.2
--- ATR:
3b 9f 96 81 b1 fe 45 1f 07 00 64 05 1e b2 00 31 ;.....E...d....1
b0 73 96 21 db 05 90 00 5c .s.!....\
--- Leser: Broadcom Corp Contactless SmartCard 0
--- Status: SCARD_STATE_EMPTY
--- Status: Keine Smartcard.
--- Karte:
=======================================================
Karte im Leser wird analysiert: Broadcom Corp Contacted SmartCard 0
--------------===========================--------------
================ Zertifikat 0 ================
--- Leser: Broadcom Corp Contacted SmartCard 0
--- Karte: cv act sc/interface MD G&D STARCOS 3.2
Anbieter = Microsoft Base Smart Card Crypto Provider
Schlüsselcontainer = cf2e5694-8020-b547-cae6-224fd2bbd17d [Standardcontainer]
Kein Schlüssel "AT_SIGNATURE" für Leser: Broadcom Corp Contacted SmartCard 0
Seriennummer: 25dff825b4731a024bc6396d
Aussteller: CN=Fraunhofer User CA - G02, OU=Fraunhofer Corporate PKI, O=Fraunhofer, L=Muenchen, S=Bayern, C=DE
Nicht vor: 20.12.2021 14:44
Nicht nach: 19.12.2026 14:44
Antragsteller: CN=REDACTED, O=Fraunhofer, C=DE
Kein Stammzertifikat
Zertifikathash(sha1): 5327847cccec8e7f9c50580ff5bf6a598f7518b3
Vergleich AT_KEYEXCHANGE öffentlicher Schlüssel wird durchgeführt...
Vergleich öffentlicher Schlüssel erfolgreich
Schlüsselcontainer = cf2e5694-8020-b547-cae6-224fd2bbd17d
Anbieter = Microsoft Base Smart Card Crypto Provider
Anbietertyp = 1
Kennzeichen = 1
0x1 (1)
Schlüsselspez. = 1 -- AT_KEYEXCHANGE
Privater Schlüssel verifiziert
Zertifikatkettenverifizierung wird durchgeführt...
Kette gültig
Smartcard-Anmeldung: Die Kette auf der Smartcard ist ungültig
dwFlags = CA_VERIFY_FLAGS_CONSOLE_TRACE (0x20000000)
dwFlags = CA_VERIFY_FLAGS_DUMP_CHAIN (0x40000000)
ChainFlags = CERT_CHAIN_REVOCATION_CHECK_CHAIN_EXCLUDE_ROOT (0x40000000)
HCCE_LOCAL_MACHINE
CERT_CHAIN_POLICY_BASE
-------- CERT_CHAIN_CONTEXT --------
ChainContext.dwInfoStatus = CERT_TRUST_HAS_PREFERRED_ISSUER (0x100)
ChainContext.dwRevocationFreshnessTime: 4 Hours, 52 Minutes, 24 Seconds
SimpleChain.dwInfoStatus = CERT_TRUST_HAS_PREFERRED_ISSUER (0x100)
SimpleChain.dwRevocationFreshnessTime: 4 Hours, 52 Minutes, 24 Seconds
CertContext[0][0]: dwInfoStatus=102 dwErrorStatus=0
Issuer: CN=Fraunhofer User CA - G02, OU=Fraunhofer Corporate PKI, O=Fraunhofer, L=Muenchen, S=Bayern, C=DE
NotBefore: 20.12.2021 14:44
NotAfter: 19.12.2026 14:44
Subject: CN=REDACTED, O=Fraunhofer, C=DE
Serial: 25dff825b4731a024bc6396d
SubjectAltName: RFC822-Name=REDACTED
Cert: 5327847cccec8e7f9c50580ff5bf6a598f7518b3
Element.dwInfoStatus = CERT_TRUST_HAS_KEY_MATCH_ISSUER (0x2)
Element.dwInfoStatus = CERT_TRUST_HAS_PREFERRED_ISSUER (0x100)
CRL (null):
Issuer: CN=PN: OCSP-Responder, OID.2.5.4.65=OCSP-Responder, OU=DFN-PKI, O=Verein zur Foerderung eines Deutschen Forschungsnetzes e. V., L=Berlin, S=Berlin, C=DE
ThisUpdate: 19.05.2026 06:44
NextUpdate: 26.05.2026 06:44
CRL: ec18222014f5552d12fbb1bbeddc56e80cff1dda
Issuance[0] = 1.3.6.1.4.1.22177.300.1.1.4
Application[0] = 1.3.6.1.5.5.7.3.4 Sichere E-Mail
CertContext[0][1]: dwInfoStatus=102 dwErrorStatus=0
Issuer: CN=DFN-Verein Certification Authority 2, OU=DFN-PKI, O=Verein zur Foerderung eines Deutschen Forschungsnetzes e. V., C=DE
NotBefore: 24.05.2016 13:38
NotAfter: 23.02.2031 01:59
Subject: CN=Fraunhofer User CA - G02, OU=Fraunhofer Corporate PKI, O=Fraunhofer, L=Muenchen, S=Bayern, C=DE
Serial: 1b63bac68b5242
Cert: 0cba47b89edd0451ebcdde9e8b6a8d72d50008d9
Element.dwInfoStatus = CERT_TRUST_HAS_KEY_MATCH_ISSUER (0x2)
Element.dwInfoStatus = CERT_TRUST_HAS_PREFERRED_ISSUER (0x100)
CRL (null):
Issuer: CN=PN: OCSP-Responder, OU=DFN-PKI, O=Verein zur Foerderung eines Deutschen Forschungsnetzes e. V., C=DE
ThisUpdate: 19.05.2026 06:15
NextUpdate: 26.05.2026 06:15
CRL: 6110a15710083eed8510c0c3dded688dd84f4605
Issuance[0] = 1.3.6.1.4.1.22177.300.1.1.4
Issuance[1] = 1.3.6.1.4.1.22177.300.30
CertContext[0][2]: dwInfoStatus=102 dwErrorStatus=0
Issuer: CN=T-TeleSec GlobalRoot Class 2, OU=T-Systems Trust Center, O=T-Systems Enterprise Services GmbH, C=DE
NotBefore: 22.02.2016 15:38
NotAfter: 23.02.2031 01:59
Subject: CN=DFN-Verein Certification Authority 2, OU=DFN-PKI, O=Verein zur Foerderung eines Deutschen Forschungsnetzes e. V., C=DE
Serial: e30bd5f8af25d981
Cert: e224bef6d786220d262bb807ab6dacf9d3a89a93
Element.dwInfoStatus = CERT_TRUST_HAS_KEY_MATCH_ISSUER (0x2)
Element.dwInfoStatus = CERT_TRUST_HAS_PREFERRED_ISSUER (0x100)
CRL (null):
Issuer: CN=OCSP-Signer T-TeleSec GlobalRoot Class 2, O=Deutsche Telekom Security GmbH, C=DE
ThisUpdate: 19.05.2026 10:17
NextUpdate: 24.05.2026 10:17
CRL: 9980061829170582ffca10a3bfd78e0c07f7a00b
Issuance[0] = 1.3.6.1.4.1.22177.300.1.1.4
Issuance[1] = 1.3.6.1.4.1.22177.300.30
Issuance[2] = 2.23.140.1.2.2
CertContext[0][3]: dwInfoStatus=10c dwErrorStatus=0
Issuer: CN=T-TeleSec GlobalRoot Class 2, OU=T-Systems Trust Center, O=T-Systems Enterprise Services GmbH, C=DE
NotBefore: 01.10.2008 12:40
NotAfter: 02.10.2033 01:59
Subject: CN=T-TeleSec GlobalRoot Class 2, OU=T-Systems Trust Center, O=T-Systems Enterprise Services GmbH, C=DE
Serial: 01
Cert: 590d2d7d884f402e617ea562321765cf17d894e9
Element.dwInfoStatus = CERT_TRUST_HAS_NAME_MATCH_ISSUER (0x4)
Element.dwInfoStatus = CERT_TRUST_IS_SELF_SIGNED (0x8)
Element.dwInfoStatus = CERT_TRUST_HAS_PREFERRED_ISSUER (0x100)
Exclude leaf cert:
Chain: a8b58456c048bc15f842e002b235b3890e5f4e13
Full chain:
Chain: 9801de755449af37d0e3131b886e159eff5a054c
------------------------------------
Verfizierte Ausstellungsrichtlinien:
1.3.6.1.4.1.22177.300.1.1.4
Verfizierte Anwendungsrichtlinien:
1.3.6.1.5.5.7.3.4 Sichere E-Mail
Angezeigtes Zertifikat AT_KEYEXCHANGE für den Leser: Broadcom Corp Contacted SmartCard 0
--------------===========================--------------
As middleware I am using Cryptovision SCinterface 8.1.23.743.
I would really like to help make this card and middleware work with your plugin.
Unfortunately, I could not get logging to work for KeePass, so I don't have any more logs to share.
Hello there,
first of all, thanks for your work bringing MFA to KeePass. I just wanted to let you know that I tried to make our smartcards work with your plugin. Unfortunately, I am getting the error: "Der öffentliche Schlüssel des Anbieters ist ungültig." I am using Windows 11 and KeePass 2.61 with plugin version 1.3.2.0.
Here is the first couple of lines of
certutil -scinfo:As middleware I am using Cryptovision SCinterface 8.1.23.743.
I would really like to help make this card and middleware work with your plugin.
Unfortunately, I could not get logging to work for KeePass, so I don't have any more logs to share.
Regards
TickoSpy