Creating cert key for CA: installation succeds with warnings

[techge]

When trying to create a root certificate on OpenPGP Card (signature slot) for a AD CS, the installation ends with warning:

2724: 2017-11-16 10:31:19.062 [Provider] Warning (Id=0) Sync Message - OperationKind: Configuration, MessageType: Warning, MessageCode: 267, Message: An error occurred when setting the security access on the private key "%1", or the CSP selected does not support setting security access on private keys. Please make sure the CSP is installed correctly or select another CSP.

I have a log attached. Please note, that in the Log you can see two attempts to use the OpenPGP Card as key for the CA. The configuration differs in the "Allow administrator interaction when the private key is accessed by the CA" checkbox which seems to have to be ticked.

ServerManager.log

[vletoux]

see 013df505157ef128715d51c87630a71f59f1cd55

[alex-nitrokey]

Still get the message, any idea? Did it work on your side?

[vletoux]

I wasn't able to reproduce it on my lab given my own configuration. For this issue (and all others involving misimplementation) can you collect the log of CryptoAPI functions called ? You can use Rohitab API Monitor (http://www.rohitab.com/apimonitor) to do it