If have several certificates of same purpose (suggestion, I have several types of certs on card) on smartcard, then using with Smart Certificate Key Provider, Windows Security popup window shows and allows select only the latest one.
I have a lot of Secure Email certs on card, both expired (but usable to decrypt old messages or DBs), and current. I've used one to encrypt Keepass DB, and, only the latest one shown in popup after issuing new certificate, and, it's not the certificate used to encrypt KeePass database.
So if encrypted sometime with one some purpose cert, when new certificate of same purpose issued, you lost access to Keepass database.
And, if I invoke CertUtil -SCInfo command, popup shows 'certificate list' dialogue showing all certificates on smartcard.
Windows 10 LTSC 2021 (21H2) x64, Safenet Authentication Client 10.8 R6, Keepass 2.54, SmartCertificateKeyProvider v.2.0.1
If have several certificates of same purpose (suggestion, I have several types of certs on card) on smartcard, then using with Smart Certificate Key Provider, Windows Security popup window shows and allows select only the latest one.
I have a lot of Secure Email certs on card, both expired (but usable to decrypt old messages or DBs), and current. I've used one to encrypt Keepass DB, and, only the latest one shown in popup after issuing new certificate, and, it's not the certificate used to encrypt KeePass database.
So if encrypted sometime with one some purpose cert, when new certificate of same purpose issued, you lost access to Keepass database.
And, if I invoke CertUtil -SCInfo command, popup shows 'certificate list' dialogue showing all certificates on smartcard.