One of the biggest challenges I encountered in my WFH setup had to do with using my smart card with a virtual Windows environment.
Previously, when I tried to sign into my work account from my Windows 11 Home VM on Parallels for Mac, I could never get the machine to use my smart card for authentication. I would get error after error, and I could never figure out what was causing the problem.
I tried:
- installing different versions of OpenSC
- installing updated drivers for my specific card reader
- reinstalling root certificates
- futzing with the Parallels settings
It seemed like I tried everything, to no avail. Even when I had the dumb luck to get it working on my Mac mini, I wasn't sure exactly how I did it. I thought it had something to do with the right sequence of configuration steps— as if installing OpenSC either before or after installing the root certs had anything to do with it.
The test came with running certutil -scinfo. I always got a File Not Found error. I could run the pkcs11-tool to read the certificates on the smart card, but the minidriver was a bust. Every. Single. Time.
I finally figured out what the problem was.
Turns out I had to update the registries for the generic card readers (both 32-bit and 64-bit) by using the ATR value that I would get when I ran certutil -scinfo. Once I did that and cleared the SSL slate in Windows 11, I was able to use the smart card to sign into my work account.