Creating a virtual smart card in a Hyper-V guest system

For test environments, it is often helpful to be able to work with smartcards. Below is a brief guide on how to set up a virtual smartcard in a Hyper-V guest using a virtualized Trusted Platform Module (TPM).

The prerequisite is that a Trusted Platform Module has been installed and commissioned on the host system.

The virtual machine must be Generation 2.

In the virtual machine settings, you can then activate the Trusted Platform Module under Security.

To use the virtual smartcard in the Hyper-V guest, the "Enhanced Session" must be disabled, otherwise there will be a connection via Remote Desktop, which will pass the smartcard readers from the host system to the guest.

The virtual smartcard can then be created with the following command (as admin).

tpmvscmgr.exe create ^
    /name TestVSC ^
    /pin prompt ^
    /adminkey random ^

During the creation of the virtual smartcard, you will be asked for a PIN, which must be at least eight characters long by default.

Related links:

External sources