Remember! T-CAT cards issued before 04/13/2023 lost the status of qualified certificates and were massively revoked on September 27, 2023 (except T-CAT operator certificates and idCAT Operator) . For more information you can consult Change in cards T-CAT.
If you still have an old T-CAT (Operator T-CAT only), below you can consult the Safesign manual, as well as possible errors that may appear when using it, and the steps to solve them.
If a pop-up appears asking for a PIN, but the user can't type in it, they might have a card reader built into their keyboard with the PinPad feature.
If this function is activated, it only allows us to enter the PIN with the numeric keypad and sometimes it does not work correctly, preventing the PIN from being written in the pop-up window.
To disable the PinPad feature, we need to follow the steps described below:
Start > Type in the search: “Regedit” and select run commando > HKEY_LOCAL_MACHINE > SOFTWARE > Wow6432Node > AETEurope BV > SafeSign > 2.0 > Disable PinPadReaders > Edit Value Information > 1 > Accept
Version 3.0.124 does not "remove" the link that is made in Windows of the certificates on the card and that allows them to be used while the card is inserted in the reader when it is removed from the reader. This makes Windows "think" that the card is still inserted and present the certificate as usable when performing operations that require it (authentications, signatures, etc.). Because Windows doesn't realize that the card is no longer there, the operation fails without a message and blocks browsing or returns no error handled by the shift application. This error is attributable to Microsoft's handling of certificate propagation. You can consult more information about this in point 3.12 (Certificate Propagation) in the product description document.
It is a purely usability error, since it will never be possible to sign or perform any signature operation with this "reference" to the certificate that has been installed because access to the private key contained in the card is not actually possible. However, since Windows "thinks" that the card is inserted because the card driver tricks it, it means that the errors that are returned may not be clear to the user.
Finally, to say that the way to solve this error is to manually "de-register" the card certificates by going to the "Remove" option in the Explorer's certificate store manager. You must select the certificate you want to de-register and click Remove:
Next appears a warning message to which we must click yes:
Card certificates are not deleted even if the card is not removed from the reader. So you don't have to suffer because this method will never delete the certificates inside the card. To work with the certificate again just put the card back in and they will appear again.
IMPORTANT NOTE : what you must watch out for is not to select a certificate in idCAT type software format and click on Remove because then we would lose the certificate and real private key.