Results 1 to 4 of 4
  1. #1
    ck4794 is offline Advanced Beginner
    Windows 8 Access 2013
    Join Date
    Oct 2013
    Posts
    80

    Get PKI certificate from CAC


    Greetings,

    I'm in the middle of designing a database and am looking for some help with this. There's a few posts here and there, on this and other forums, but none seem to have found resolution.

    The users will all be logged on to the computer with a Common Access Card, which has a PKI certificate. I may have some of the jargon mixed up, it's a little above my paygrade. The problem I'm trying to solve is instead of carrying a piece of paper to ten different offices to get ten different signatures, those people with signature authority can log in to the database and digitally sign the request. So far I'm at a user name and password system. We have several other systems in place that use this method. Mostly with PDF's. A user clicks the signature block, is prompted for their PIN, and then their certificate information is loaded into the signature block. I'm hoping for something similar. Any help that can be provided is much appreciated.

  2. #2
    NTC is offline VIP
    Windows 7 64bit Access 2013
    Join Date
    Nov 2009
    Posts
    2,392
    While what you seek is relatively common - it is not clear what security technology your organization is using when you say 'Common Access Card'. But in any case it really comes down to this:
    * A user clicks the signature block
    * is prompted for their PIN....... [this can be a messagebox, pop up form, or even an hidden control made visible]
    * they enter their PIN manually into the field provided
    * their certificate information is loaded into the signature block......[it is not clear what you mean by 'loaded' or where that data is coming from so one presumes there is some table somewhere]

    In the last 2 bullets you need compose custom code that compares the value of the PIN entered with this table for validity.

  3. #3
    ck4794 is offline Advanced Beginner
    Windows 8 Access 2013
    Join Date
    Oct 2013
    Posts
    80
    Quote Originally Posted by NTC View Post
    While what you seek is relatively common - it is not clear what security technology your organization is using when you say 'Common Access Card'. But in any case it really comes down to this:
    * A user clicks the signature block
    * is prompted for their PIN....... [this can be a messagebox, pop up form, or even an hidden control made visible]
    * they enter their PIN manually into the field provided
    * their certificate information is loaded into the signature block......[it is not clear what you mean by 'loaded' or where that data is coming from so one presumes there is some table somewhere]

    In the last 2 bullets you need compose custom code that compares the value of the PIN entered with this table for validity.
    On the "loaded" point, I'm specifically talking about digitally signing a pdf, in adobe. I click the empty signature box, I'm presented with the option to "sign". When I click that, I'm asked for my pin. Adobe thinks about it, and then loads my name, and other credentials that are tied to my ID, with which I'm logged in to the computer, into that signature block on the form. This is the action I want to replicate.

    I'm good with creating a custom pop up form, pin numbers, etc. However, I have no idea how to access the information stored on the ID card. It has a chip in it, that looks identical to the chip in a credit card, if that helps. The term I hear most often is PKI certificate. I'm pretty sure I can figure out how to store the information to compare to in some kind of user table, but again, I don't know how to tell access to read the information off of the ID that is currently in the computer.

  4. #4
    CJ_London is offline VIP
    Windows 10 Access 2010 32bit
    Join Date
    Mar 2015
    Posts
    11,387
    However, I have no idea how to access the information stored on the ID card.
    I would imagine it would be quite difficult since if it was easy to access the data, it would not be very secure. I don't see the purpose of the chip unless you are putting it into a reader (which you haven't said you are doing).

    As NTC suggests, you can create your own 'digital signing' routine, but if you want to use the existing facility you need to talk to others in your organisation about how they set things up - how do they make a block on a pdf a signature block? If a pdf need 5 signatures in a particular order - how is that set up? Who is the supplier of the card - do they supply an API? is there licensing involved? If the card has the name of the supplier organisation, vist their website, give them a call.

Please reply to this thread with any new information or opinions.

Similar Threads

  1. Replies: 0
    Last Post: 04-11-2016, 10:52 AM
  2. Replies: 0
    Last Post: 04-24-2009, 12:20 AM

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
Other Forums: Microsoft Office Forums