Breadcrumbs

Create a Template with Key Archival Enabled

  1. Open the command prompt and run the certtmpl.msc command.

  2. Right-click the User template and select Duplicate Template.

image-20250805-081617.png


"Certificate Template" Window

  1. Select the appropriate windows version under Certificate Authority and Certificate Recipient drop-down box under Compatibility Settings.

  2. Click OK.

image-20250805-081656.png


"Compatibility" Window

  1. On the Resulting Changes menu, click OK.

  2. Go to the General tab and enter a name for the template (e.g. UserKeyArchival).

  3. Go to the Request Handling tab and select the checkbox for Archive Subject’s encryption private key.

image-20250805-081751.png


"Request Handling" Window

If you are using smartcard authentication, the prompt will appear on the PIN Pad device to insert the smartcard and enter the PIN. Then, press the OK button on the PIN Pad.

  1. Select the Subject Name tab. Uncheck the checkbox for Include e-mail name in subject name and uncheck the checkbox for E-mail name.

image-20250805-081823.png


"Subject Name Tab" Window

  1. Click Apply and then click OK.