I did everything according to the instructions http://www.ejbca.org/gemsafe/EJBCA_with_GemSAFE_Toolbox_Part1_workstation_logon.pdf on this article
I configuration, this Windows server 2008 domain controller on it, I installed EJBCA on Ubuntu, did everything on this insruktsii, but when I run the script displays an error installdomain He checked all the way and there is no trust in the Root sertfikatsii, but when I recorded on a smart card and input I do is an error that the computer does not trust the certificate,
even though I have already installed the certificates in a folder in the console Trustedroot certmgr.msc.
I am suffering for a week I can not understand,
In the Windows world things change for every patch/update that MS issues. This makes it very time consuming to test and validate things.
The guide is a bit old, and created for Windows Server 2003 (as it says in the guide).
You need to understand how Windows smart card logon works and probably adapt the scripts for Windows Server 2008.
If you understand the scripts, you can do the same steps manually.
If you get it working, we'd be glad to hear about it. I have never tested on Windows 2008.
PrimeKey Solutions offers commercial EJBCA and SignServer support subscriptions and training courses. Please see www.primekey.se or contact firstname.lastname@example.org for more information.