NoMoreFood / putty-cac

Windows Secure Shell Client With Support For Smart Cards, Certificates, & FIDO Keys

putty-cac not seeing all certificates on PIV/CAC #119

Closed: DrDeke closed this issue 11 months ago

DrDeke commented 11 months ago

Greetings,

I am trying to use putty-cac to authenticate to some ssh servers using the certs/keys stored on my PIV/CAC, but putty-cac doesn't seem to "see" the correct certificate on my card when I try to select it using either the PKCS (via ActivClient's acpkcs211.dll) or CAPI interfaces.

My card has multiple certificates on it. The one corresponding to the public key on the servers I am trying to connect to is labeled "Signature" in ActivClient, but the only certificate that shows up in putty-cac is the certificate labeled "Authentication".

Certificate list in ActivClient:

[image: activclient-certlist]

Certificate selection window in putty-cac:

[image: puttycac-capi-certlist]

The Tectia SSH client can see both sets of certs/keys and works fine if I select the one corresponding to the public key on the servers, but I strongly prefer to use putty as a client:

[image: tectia-keylist]

Any idea what I might be doing wrong? Or could putty-cac be calling a different API than Tectia, one that doesn't present all certificates on a card or something like that? I cannot change which public key is accepted by the servers I'm trying to connect to, so it'd be really cool if I could get putty-cac to use the needed cert/private-key.

NoMoreFood commented 11 months ago

Try running putty.exe -allowanycert and see if it shows up.

DrDeke commented 11 months ago

That did the trick, thanks!