Key Attestation with Yubikey PIV/SmartCard on Certification Authority

Jan Zak 5 Reputation points
2023-06-14T10:34:57.6966667+00:00

Hello, we have configured internal AD CS to enroll certificates for Smart Card Logon for Yubikey users using PIV. Everything works fine from this point. Now we would like to ensure that certificates can be enrolled to (preferably) registered keys only, or at least to Yubikey devices. Is it possible to configure Key Attestation?

What we tried:

  • Create EKROOT and EKCA containers on Certification Authority
  • Imported certificate into "Endorsement Key Trusted Root Certification Authorities" on CA
  • Imported intermediate certificates (exported from Yubikey's F9 slot) into "Endorsement Key Intermediate Certification Authorities" on CA
  • Configured certificate template with "Required" on Key Attestation with option "Hardware certificate" and "Perform attestation only"

With this (and multiple slightly similar setups), we are getting an error during certificate enrollment.

Eventlog says:

Microsoft-Windows-CertificateServicesClient-CertEnroll, ID 82:

Certificate enrollment for DOM\user failed in authentication to all urls for enrollment server associated with policy id: {PolicyGUID} (The requested key container does not exist on the smart card. 0x80100030 (-2146435024 SCARD_E_NO_KEY_CONTAINER)). Failed to enroll for template: YubiKeySmartCardLogon(test)

Microsoft-Windows-CertificateServicesClient-CertEnroll, ID 13:

Certificate enrollment for DOM\user failed to enroll for a YubiKeySmartCardLogon(test) certificate with request ID N/A from ca2.dom\Issuing Windows CA (The requested key container does not exist on the smart card. 0x80100030 (-2146435024 SCARD_E_NO_KEY_CONTAINER)).

Key attestation is usually mentioned for TPMs, is it possible to achieve similar functionality for Yubikey or other devices?

Thank you in advance for any hints. //Jan

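The stores created above (EKROOT, EKCA) and the template's Key Attestation setting belong to AD CS TPM key attestation: the CA validates a TPM endorsement-key chain and attestation structures that a TPM KSP puts into the request. A YubiKey PIV attestation statement is a different object, an X.509 certificate issued by the device's F9 key that contains the public key of the attested slot and Yubico's private extensions, so the built-in setting cannot consume it; that is the gap the policy module mentioned in the later answers fills. The script below is an added example by the editor, not code from the post, from Microsoft or from TameMyCerts. It shows the three checks a CA-side verifier has to make on such a statement: the chain to the trusted root through the F9 certificate, the binding of the CSR key to the attested key, and the device serial read from the statement so that it can be matched against a list of registered devices. With a real device the inputs come from `ykman piv certificates export f9 f9.pem` and `ykman piv keys attest 9a attest.pem` plus Yubico's published PIV attestation root; so that it runs stand-alone, everything here is constructed with openssl, the serial 12345678 and all key material are made up, and only the extension OID 1.3.6.1.4.1.41482.3.7 (YubiKey serial, an INTEGER) is the real one.

```shell
#!/bin/sh
# Added example (editor's own; not code from the post, from Microsoft or from TameMyCerts).
# Verifies a YubiKey PIV attestation statement offline and binds it to an enrolment CSR:
#   1. the statement chains to the trusted root through the device's F9 certificate,
#   2. the CSR is signed by exactly the public key the statement attests,
#   3. the device serial is read from the statement for a "registered devices only" list.
# With a real device the inputs would be:
#   ykman piv certificates export f9 f9.pem   # per-device attestation cert (slot F9)
#   ykman piv keys attest 9a attest.pem       # statement for the key in slot 9a
#   root.pem = Yubico's published PIV attestation root CA (assumed file name)
# So that this runs stand-alone, the chain below is CONSTRUCTED with openssl. Only the
# extension OID is real: 1.3.6.1.4.1.41482.3.7 carries the YubiKey serial as an INTEGER.
set -eu
WORK=$(mktemp -d); cd "$WORK"
SERIAL_OID=1.3.6.1.4.1.41482.3.7

# ---- constructed chain: root -> F9 (per device) -> attestation leaf for slot 9a ----
ecgen() { openssl ecparam -name prime256v1 -genkey -noout -out "$1" 2>/dev/null; }
csr()   { openssl req -new -key "$1" -subj "/CN=$2" -out "$3" 2>/dev/null; }
ecgen root.key; ecgen f9.key; ecgen slot9a.key; ecgen rogue.key
printf 'basicConstraints=critical,CA:TRUE\nkeyUsage=critical,keyCertSign\n' > ca.ext
printf '%s=ASN1:INTEGER:12345678\n' "$SERIAL_OID" > leaf.ext   # constructed serial

csr root.key "Constructed PIV Root" root.csr
openssl x509 -req -in root.csr -signkey root.key -days 30 -extfile ca.ext -out root.pem 2>/dev/null
csr f9.key "Constructed F9 device cert" f9.csr
openssl x509 -req -in f9.csr -CA root.pem -CAkey root.key -CAcreateserial -days 30 \
  -extfile ca.ext -out f9.pem 2>/dev/null
csr slot9a.key "YubiKey PIV Attestation 9a" leaf.csr
openssl x509 -req -in leaf.csr -CA f9.pem -CAkey f9.key -CAcreateserial -days 30 \
  -extfile leaf.ext -out attest.pem 2>/dev/null

# Enrolment requests: one signed by the attested slot 9a key, one by a software key
# that also brings a self-issued "attestation" carrying the same serial.
csr slot9a.key "jan@dom" good.csr
csr rogue.key  "jan@dom" rogue.csr
csr rogue.key  "YubiKey PIV Attestation 9a" rogue_leaf.csr
openssl x509 -req -in rogue_leaf.csr -signkey rogue.key -days 30 -extfile leaf.ext \
  -out rogue_attest.pem 2>/dev/null

# ---- the three checks ----
verify_chain() {   # $1 root  $2 F9 cert  $3 statement
  openssl verify -CAfile "$1" -untrusted "$2" "$3" >/dev/null 2>&1
}
pubkey_sha256() {  # $1 x509|req  $2 file -> hex digest of the DER SubjectPublicKeyInfo
  openssl "$1" -in "$2" -pubkey -noout 2>/dev/null \
    | openssl pkey -pubin -outform DER 2>/dev/null | openssl dgst -sha256 | awk '{print $NF}'
}
key_matches() {    # $1 statement  $2 CSR
  a=$(pubkey_sha256 x509 "$1"); b=$(pubkey_sha256 req "$2")
  [ -n "$a" ] && [ "$a" = "$b" ]
}
attested_serial() {  # $1 statement -> decimal serial from the INTEGER in the extension
  hex=$(openssl asn1parse -in "$1" \
        | awk -v oid="$SERIAL_OID" 'f {sub(/.*\[HEX DUMP\]:/, ""); print; exit} index($0, oid) {f=1}')
  echo $((0x${hex#????}))   # drop the DER INTEGER tag and length octets (02 04)
}
check_request() {  # $1 CSR  $2 statement -> 0 if the CA may issue
  verify_chain root.pem f9.pem "$2" || { echo "REJECT $1: statement does not chain to the trusted root"; return 1; }
  key_matches "$2" "$1"            || { echo "REJECT $1: CSR key is not the attested key"; return 1; }
  echo "ACCEPT $1: key attested by YubiKey serial $(attested_serial "$2")"
}

check_request good.csr  attest.pem
check_request rogue.csr attest.pem       || true   # key mismatch
check_request rogue.csr rogue_attest.pem || true   # chain fails even though the key matches
```

The second rogue case is the one that matters: a statement forged by the requester passes the key-binding check, so the chain check against the vendor root is what actually ties the key to a YubiKey, and the serial only becomes a usable identity after that check has passed. In a real deployment the statement has to travel to the CA inside the request (the policy module in the later answers defines how), and the CA must re-run these checks itself rather than trusting anything the client asserts.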

3 answers

  1. Limitless Technology 44,776 Reputation points
    2023-06-15T10:32:49.3733333+00:00

    Hello Jan,

    Thank you for your question and for reaching out with your question today.

    Key attestation is a feature typically associated with TPM (Trusted Platform Module) devices, and it is not directly applicable to Yubikey or other smart card devices. Key attestation verifies the integrity and trustworthiness of the key generated by the TPM.

    In the case of Yubikey or other smart card devices, the key pair generation and storage occur within the device itself. The Certificate Authority (CA) does not have direct control over the key generation process or access to the private key stored on the smart card. As a result, traditional key attestation mechanisms used with TPM devices cannot be applied to smart card-based solutions.

    To ensure that certificates can be enrolled only on registered keys or Yubikey devices, you may need to implement additional measures outside the scope of key attestation. Here are a few suggestions:

    1. Physical security: Ensure that the Yubikey devices are physically secured and accessible only to authorized individuals. This includes implementing proper controls such as restricted access to key storage areas and monitoring key issuance and usage.
    2. Certificate Template restrictions: Configure the certificate template to enforce additional restrictions, such as specifying the exact key container or smart card serial number that should be used for enrollment. This helps ensure that certificates are only issued for the specified registered keys.
    3. Certificate issuance process: Implement a robust process for certificate issuance that includes verifying the identity and ownership of the Yubikey or smart card device before issuing the certificate. This can involve additional identity verification steps or requiring the user to present the physical smart card device for enrollment.
    4. Certificate revocation: Implement a process for revoking certificates in case of loss, theft, or compromise of the Yubikey or smart card device. Revoking certificates helps prevent unauthorized access if the device is no longer in the possession of the rightful owner.

    By combining these measures, you can enhance the security and ensure that certificates are enrolled only on registered keys or Yubikey devices. However, please note that the exact implementation details may vary based on your specific environment, smart card management systems, and certificate authority configuration. It is advisable to consult with your organization's security and IT teams or seek guidance from the smart card device vendor for the most appropriate and secure configuration.

    I used AI provided by ChatGPT to formulate part of this response. I have verified that the information is accurate before sharing it with you.

    If the reply was helpful, please don’t forget to upvote or accept as answer.

    Best regards.


  2. Uwe Gradenegger 0 Reputation points
    2025-03-24T18:49:45.6866667+00:00

    Hello, we are currently integrating Yubikey PIV attestation into the TameMyCerts policy module for Microsoft AD CS and are heading for a release in the upcoming weeks. This might be exactly what you were looking for.

    Here is a preview on how it will work.

    Kind regards Uwe


  3. Uwe Gradenegger 0 Reputation points
    2025-06-20T06:43:23.84+00:00

    So, it is done. TameMyCerts now has working support for YubiKey PIV attestation integrated, which allows performing PIV attestation on YubiKeys with Microsoft ADCS.

    Here's an introductory post on how it works.

    Here's the documentation.

    Here's the project on GitHub.

    Kind regards

    Uwe
