Browsers in Windows 11 stopped prompting me for smart card credentials on sites that require them. How can I fix this?

Question

I have already asked this question, both here and in Windows 11 Q & A, however I have not found a solution. Normally, when I need to access a site requiring smart card credentials, a box automatically pops up asking me to select the certificates I want to use. However, this box stopped appearing and I can't find a solution. I have made sure smart card services are running in task manager, I have restarted those services, I have reinstalled smart card device drivers, I have ensured that Windows is recognizing my reader and certificates, I have cleared the SSL state and all temporary files. Randomly, it will begin working again on some days, but will eventually stop (however, this is rare). It works fine on other computers. What can I try next?

***moved from Microsoft Edge / All other issues / Windows 11***

Answer 1

Hi Northerwinds94,

Thank you for posting in the Microsoft Community Forum.

It sounds like you've already gone through several troubleshooting steps, but let's explore a few more options that might help resolve the issue:

1. **Check Group Policy Settings**: Ensure that the Group Policy settings related to smart card usage haven't been altered or restricted. You can do this by running gpedit.msc to open the Local Group Policy Editor, then navigate to Computer Configuration -> Windows Settings -> Security Settings -> Public Key Policies. Make sure that the policies related to smart cards are configured appropriately.
2. **Verify Certificate Trust**: Double-check that the certificates issued by your smart card are trusted by the system. Sometimes, if there's an issue with the certificate chain, Windows may not prompt for smart card authentication. You can verify this by opening the Certificates MMC snap-in (certmgr.msc) and checking the certificate store.
3. **Event Viewer**: Check the Event Viewer for any relevant error messages or warnings related to smart card usage. This might provide insights into what's causing the issue.
4. **System File Checker**: Run the System File Checker (SFC) tool to scan for and repair corrupted system files. Open Command Prompt as an administrator and run the command sfc /scannow. After the scan is complete, restart your computer and see if the issue persists.
5. **Update Drivers and Firmware**: Ensure that both your smart card reader and any associated firmware/drivers are up-to-date. Visit the manufacturer's website to download and install the latest versions.
6. **Test in Safe Mode**: Boot your computer into Safe Mode and see if the issue persists. This can help determine if the problem is being caused by third-party software or drivers.
7. **Create a New User Profile**: Sometimes, user profile corruption can cause issues with system functionality. Create a new user profile and see if the problem persists when logging in with the new profile.
8. **System Restore**: If the issue started occurring after a recent software change or update, consider using System Restore to revert your system to a previous state where the smart card authentication was working correctly.

If none of these steps resolve the issue, it might be worth contacting Microsoft Support or the manufacturer of your smart card reader for further assistance, as there could be more specific troubleshooting steps or updates available.

Best regards

Neuvi Jiang

Answer 2

One possibility:

Determine if the subject website requires TLS 1.3.

TLS 1.3 mandates the use of a newer signing algorithm not supported by most current smartcards - RSA-PSS.

The only solutions are to have the target website drop to TLS 1.2, OR obtain a newer smartcard that supports the newer signing algorithm.