Thank you for your post!
I understand that you're trying to configure CAC card authentication within your Azure AD tenant and within the Azure AD CBA documentation there wasn't anything specific to CAC cards, along with which .cer file needs to be used specific to CAC cards. To hopefully point you in the right direction or resolve your issue, I'll share my findings below.
Findings:
For CAC card / Smart card specific authentication, it looks like you'll need to follow these steps to set up the User Experience. For more info.
- Join the machine to either Azure AD or a hybrid environment (hybrid join).
- Configure Azure AD CBA in your tenant as described in Configure Azure AD CBA.
- Make sure the user is either on managed authentication or using Staged Rollout.
- Present the physical or virtual smart card to the test machine.
- Select the smart card icon, enter the PIN, and authenticate the user.
When it comes to the .cer file, did your Certificate Authority (i.e. DigiCert or GlobalSign) provide you with certificates?
Links:
Windows smart card sign-in using Azure Active Directory certificate-based authentication
I hope this helps!
If you have any other questions, please let me know. Thank you for your time and patience throughout this issue.