Container Does Not Exist on the Smart Card

T-Shoot Yubikey Minidriver


RDP fails to authenticate Yubikey smart card.


The requested key container does not exist on the smart card (Figure 1).
Figure 1.  Smart card container error.


  • Yubikey runs as PIV smart card.
  • Smart card has multiple authentication certificates.
  • Certificates reside on slots 81-95.


By default, Windows uses the NIST SP 800-73 PIV smart card driver.  Multiple certificates require the Yubikey smart card Minidriver.  Install this driver on both the client and the server.


The Yubikey smart card MSI package does not install the Minidriver on remote servers or virtual machines.  Nor does it provide an error. 

The MSI installer only works when a smart card is directly connected (e.g., workstation). 

To reiterate, the MSI package only updates the NIST driver when a smart card is attached to the local USB port.   

Instead, use the Yubikey limited INF installer on VMs or via RDP.  

Figure 2.  How to Install the Yubikey Minidriver.

Right-click on ykmd.inf.  Left-click on install.  That's It!


Post a Comment

My Instagram