I have post this problem before. Since there is no reply, I will try to
re-phrase my problem.
Here is the question:
Is there anybody out there succesfully implement Smart Card Certificate
Logon and Smart Card Wireless EAP-TLS together ?
The Wireless EAP-TLS do not allow 'Smart Card Logon' on the Extended Key
When Smart Card Logon appears on the Certificate EKU, the Wireless EAP-TLS
So I assume we cannot use the same Certificate for the Certificate Logon and
And I can create two different certificates for this two process.
BUT here is the problem ....
Both Smart Card Certificate Logon and Smart Card Wireless EAP-TLS call my
CSP to query for default container.
Since now I used two different certificates for this two process, how can I
know which certificate I shall used when there is a query for default
If I used the Certificate with 'Smart Card Logon' on the EKU, the Wireless
EAP-TLS will failed.
If I used the Certificate without 'Smart Card Logon' on the EKU, the
Certificate Logon will failed.
Can anybody from Microsoft clarify this ?
Have Microsoft test this scenario before ?
Thanks for any help.....