How do you use a SID800 with multiple certificates and Windows credential provider?
Originally Published: 2010-04-06
Article Number
Applies To
RSA SecurID SID800 Authenticator (USB token)
Microsoft Windows 7 Professional
Microsoft Windows 2008 Server
Microsoft Windows Credential Provider
Microsoft certificate-based logon
Issue
Only one certificate on the SID800 is being seen at logon screen
SID800 with two valid certificates from a Windows 2003 CA. When authenticating to a system, only the certificate marked as default in the RSA Control Center is displayed. How do you configure the system to display both certificates for the user to choose from?
Resolution
A Microsoft GPO policy to show all certificates at logon needs to be updated.
http://technet.microsoft.com/en-us/library/ff404287(WS.10).aspx?ppud=4
Update these GPO settings:
Force the reading of all certificates from the smart card
Filter duplicate logon certificates
Or by registry:
You should see two logon tiles, one for each certificate.
Related Articles
SID800-based Token fails with the Error - “Authentication failed because tokencode could not be read from connected token”… Number of Views RSA Governance & Lifecycle Services 101: Dynamic Reports & Charts - What are they and how do you use them? Number of Views Intermittent blinking of the RSA SecurID SID 800 token Number of Views How to determine which firmware version is on an RSA SecurID SID800 authenticator Number of Views How do you map Active Directory LdapErr codes to Access Manager authentication result codes? Number of Views
Trending Articles
Passwordless Authentication in Windows MFA Agent for Active Directory – Quick Setup Guide RSA Authentication Manager 8.9 Release Notes (January 2026) RSA Authentication Manager Upgrade Process RSA Authentication Manager 8.7 SP2 Setup and Configuration Guide An example of SSO using SAML and ADFS with RSA Identity Management and Governance 6.9.x
Don't see what you're looking for?
