› Forums › MyID knowledge base › MY0385 PIV Card Issuance Failure – Invalid algorithm specified error
Tagged: Content Signing Certificate, PIV
- This topic is empty.
-
AuthorPosts
-
22nd May 2020 at 9:28 am #3375
MyID Support
KeymasterIssue:
This following error is reported in the client and/or the System Events report when attempting to issue a PIV card.
BOL COM catch handler
Function : ProcessAPDUCommand, catch handler. Error :
Invalid algorithm specified.
An error occurred inside PivCardServer::ProcessCommand
Error: 0x80090008 Invalid algorithm specified.
An error occurred inside DataModelCreator::MakeApduWriteSequenceEx
Error: 0x80090008 Invalid algorithm specified.
An error occurred inside DataCollector::
Error: 0x80090008 Invalid algorithm specified.
An error occurred inside CCHUIDSignatureProcessor::ProcessFindData
Error: 0x80090008 : Invalid algorithm specified.Info: CryptCreateHash
————————-
Exception raised in function: myid::’anonymous namespace’::CryptHashHandle::myid::’anonymous-namespace’::CryptHashHandle::CryptHashHandle
In file HashAlgorithmFactory.cpp at line 72
In object PivDataProcessor.CHUIDSignatureProcessor.1
In object CardDataModel.DataCollector.1
In object CardDataModel.DataModelCreator.1Cause:
When you create the MyID Server Signing Certificates (e.g. PIV Content Signer), from a Microsoft CA, and the certificate template Cryptography tab is configured as “Requests can use any provider available on the subject’s computer.”, a non-PIV compliant algorithm can be selected during the certificate creation.Resolution:
Change this to “Requests must use one of the following providers” and then select “Microsoft Enhanced RSA and AES Cryptographic Provider”.
Your new content signer is then able to perform the various PIV signing operations. See the MyID “PIV Integration Guide” section on “Configure server signing certificates” for more details -
AuthorPosts
- The forum ‘MyID knowledge base’ is closed to new topics and replies.