Solved: Connect USB CAC card

jballadares · ‎04-21-2022

Morning All,

I use this article in the pass to permanent connect my CAC card to the VM

https://kb.vmware.com/s/article/1648

I did the same in workstation 15.5.7 build-17171714 and it is not working.

The vmware.log file shows:

2022-04-21T09:03:57.656-04:00| vmx| I005: USB: Found device [name:Broadcom\ 5880 vid:0a5c pid:5832 path:1/0/0/10 speed:full family:other,smart-card instanceId:USB\\VID_0A5C&PID_5832\\0123456789ABCD serialnum:0123456789ABCD arbRuntimeKey:6 quirks:pause-pm-policy version:3]

I use this in my vmx file:

usb.autoConnect.device0 = "vid:0a5c pid:5832"

Any ideas why is not working?

Thanks

bluefirestorm · ‎04-22-2022

From the screenshot the word "Shared" is still there so the smartcard reader is still shared between host and VM(s).

These lines in the vmware.log also confirms it.
2022-04-21T17:42:08.767-04:00| vmx| I005: USB: Initializing 'Virtual CCID' backend
2022-04-21T17:42:08.775-04:00| usbCCIDEnumCards| I005: VTHREAD 29060 "usbCCIDEnumCards"
2022-04-21T17:42:08.775-04:00| usbCCIDEnumCards| I005: USB-CCID: Card enum thread created.

Oddly enough, the smartcard reader seems to connect and disconnect at many different points

2022-04-21T18:17:22.082-04:00| vmx| I005: USB: Found device [name:Shared\ Broadcom\ Corp\ Contacted\ SmartCard\ 0 vid:0e0f pid:0004 speed:full family:smart-card virtPath:usb_xhci:5 deviceType:virtual-smartcard version:3], connected to usb_xhci port 5.
2022-04-21T18:23:06.360-04:00| vmx| I005: USB-CCID: Disconnected the card in reader 'Broadcom Corp Contacted SmartCard 0'.

It appears you are using an encrypted VM, how are you editing the vmx file? Do you decrypt it, edit and re-encrypt? Because it seems to fail to open the virtual disk.

2022-04-21T17:42:08.758-04:00| vmx| I005: DISKLIB-CHAIN : "C:\Users\****\Documents\Virtual Machines\Serco Windows 11 x64\Serco Windows 11 x64.vmdk" : failed to open (Cannot decrypt disk because key or password is incorrect).

You could try adding the two lines to the %PROGRAMDATA%\VMware\VMware Workstation\config.ini. This file is usually set to read-only and require Administrator rights to edit. Alternatively, instead of host machine-level, you could try adding these two lines at user level at %AppData%\VMware\config.ini but this file might have to be created.

View solution in original post

bluefirestorm · ‎04-21-2022

Smartcard readers are shared between host and VM(s) by default.

You may have also to add the following lines

usb.generic.allowCCID = "TRUE"
usb.ccid.disable = "TRUE"

If you have multiple VMs, you may want to these two lines to %PROGRAMDATA%\VMware\VMware Workstation\config.ini (on Windows hosts) or /etc/vmware/config (on Linux hosts) instead of adding these two lines per vmx. Try it first on one VM inside a vmx configuration and move it to the config file once you confirm it is working.

jballadares · ‎04-21-2022

Thanks for reply and help.

It didn't work in the VM. This is a new Windows 11 image, is this the issue?

What else can I check?

bluefirestorm · ‎04-21-2022

Which part did not the work? The disable of smartcard device sharing or the autoconnect still not working?

With some smart card readers, the visual cue is that in the "Removable Devices", there is no longer a "(Shared)" next to the name of the device. Another cue within the guest VM, with Windows guests, the smartcard device would show as the vendor device (in your case Broadcom) instead of generic Microsoft CCID device.

jballadares · ‎04-21-2022

"Which part did not the work? The disable of smartcard device sharing or the autoconnect still not working?"

autoconnect still not working

The CAC show in the Removable Devices

Let me attached the log, maybe I am not getting the correct id.

My vmx file is:

Thanks for your reply and help.

bluefirestorm · ‎04-22-2022