These settings are:
Copy user certificates to a local store
Copy CA certificates to a local store
These settings are either enabled or disabled.
Default: disabled
PKI operations usually require certificates, private and public keys. Private keys should always be securely stored on the token. Certificates should also be stored on the token as this enables mobility (the certificate will be readily available when using the token on a different computer).
This option controls the action of automatically copying all user certificates to the Certificate upon token insertion.
Default: enabled
CA certificates can be downloaded onto a token. When the token is inserted into the computer, one or more of these CA certificates may not be on the computer. In such a case, the CA certificate may be loaded onto the computer.
Note: Despite the settings chosen, it is possible that another window from Microsoft opens asking if you wish to continue this action. This is standard Microsoft operating procedure because the action to be undertaken may affect security matters on the computer. If you want to copy the CA certificate, click Yes.