PIVKey and Microsoft Azure AD Certificate Based Authentication for Office 365

Microsoft Certificate Based Authentication (CBA) allows users of Microsoft Office 365 and other Azure AD enabled applications to use PIVKey Smart Cards for logon and authentication.

To learn more about how to configure CBA see the How To document on the Microsoft support site:

https://learn.microsoft.com/en-us/azure/active-directory/authentication/how-to-certificate-based-authentication

Note the following:

You should ensure that the base CRL (Certificate Revocation List) for the certificates that are used on the smart card is available on the internet. 

If you are using the Microsoft CA, then you should ensure that that CRL distribution point is also listed in the certificate.   This can be done on the CA properties, under extensions, and then CRL CDP as shown below:

mceclip0.png

 

Have more questions? Submit a request

0 Comments

Article is closed for comments.
Powered by Zendesk