Forums MyID knowledge base MY0385 PIV Card Issuance Failure – Invalid algorithm specified error

  • This topic is empty.
Viewing 1 post (of 1 total)
  • Author
    Posts
  • #3375
    MyID SupportMyID Support
    Keymaster

    Issue:

    This following error is reported in the client and/or the System Events report when attempting to issue a PIV card.

    BOL COM catch handler
    Function : ProcessAPDUCommand, catch handler. Error :
    Invalid algorithm specified.
    An error occurred inside PivCardServer::ProcessCommand
    Error: 0x80090008 Invalid algorithm specified.
    An error occurred inside DataModelCreator::MakeApduWriteSequenceEx
    Error: 0x80090008 Invalid algorithm specified.
    An error occurred inside DataCollector::
    Error: 0x80090008 Invalid algorithm specified.
    An error occurred inside CCHUIDSignatureProcessor::ProcessFindData
    Error: 0x80090008 : Invalid algorithm specified.

    Info: CryptCreateHash
    ————————-
    Exception raised in function: myid::’anonymous namespace’::CryptHashHandle::myid::’anonymous-namespace’::CryptHashHandle::CryptHashHandle
    In file HashAlgorithmFactory.cpp at line 72
    In object PivDataProcessor.CHUIDSignatureProcessor.1
    In object CardDataModel.DataCollector.1
    In object CardDataModel.DataModelCreator.1

    Cause:
    When you create the MyID Server Signing Certificates (e.g. PIV Content Signer), from a Microsoft CA, and the certificate template Cryptography tab is configured as “Requests can use any provider available on the subject’s computer.”, a non-PIV compliant algorithm can be selected during the certificate creation.

    Resolution:
    Change this to “Requests must use one of the following providers” and then select “Microsoft Enhanced RSA and AES Cryptographic Provider”.
    Your new content signer is then able to perform the various PIV signing operations.  See the MyID “PIV Integration Guide” section on “Configure server signing certificates” for more details

Viewing 1 post (of 1 total)
  • The forum ‘MyID knowledge base’ is closed to new topics and replies.