Remember! T-CAT cards issued before 04/13/2023 will lose their status as qualified certificates and will be massively revoked on September 27, 2023 . For more information you can consult Change in cards T-CAT. Contact the Digital Certification Service Manager if your T-CAT has not yet been renewed for one of the new ones so that he can make the request.

If you still have an old T-CAT, below you can consult the Safesign manual, as well as possible errors that may appear when using it, and the steps to solve them.

SafeSign Handbook

Disable PinPad function

If a pop-up appears asking for a PIN, but the user can't type in it, they might have a card reader built into their keyboard with the PinPad feature.
If this function is activated, it only allows us to enter the PIN with the numeric keypad and sometimes it does not work correctly, preventing the PIN from being written in the pop-up window.
pinpad.png

To disable the PinPad feature, we need to follow the steps described below:

Start > Type in the search: “Regedit” and select run commando > HKEY_LOCAL_MACHINE > SOFTWARE > Wow6432Node > AETEurope BV > SafeSign > 2.0 > Disable PinPadReaders > Edit Value Information > 1 > Accept

disable_pinpad_safesign.jpg

Certificate "Un-registration" error with SafeSign 3.0.124

Version 3.0.124 does not "remove" the link that is made in Windows of the certificates on the card and that allows them to be used while the card is inserted in the reader when it is removed from the reader. This makes Windows "think" that the card is still inserted and present the certificate as usable when performing operations that require it (authentications, signatures, etc.). Because Windows doesn't realize that the card is no longer there, the operation fails without a message and blocks browsing or returns no error handled by the shift application. This error is attributable to Microsoft's handling of certificate propagation. You can consult more information about this in point 3.12 (Certificate Propagation) in the product description document.

It is a purely usability error, since it will never be possible to sign or perform any signature operation with this "reference" to the certificate that has been installed because access to the private key contained in the card is not actually possible. However, since Windows "thinks" that the card is inserted because the card driver tricks it, it means that the errors that are returned may not be clear to the user.

Finally, to say that the way to solve this error is to manually "de-register" the card certificates by going to the "Remove" option in the Explorer's certificate store manager. You must select the certificate you want to de-register and click Remove:

image-2.jpg

Next appears a warning message to which we must click yes:

image-3.jpg

Card certificates are not deleted even if the card is not removed from the reader. So, no need to suffer because this method will never delete the certificates inside the card. To work with the certificate again just put the card back in and they will appear again.

IMPORTANT NOTE : what you must watch out for is not to select a certificate in software format like idCAT and click on Remove because then we would lose the certificate and real private key.