Faq smartcards ceres en US - ctt-gob-es/clienteafirma GitHub Wiki

FNMT CERES Cards / Public Employee

Autofirma uses the JMulticard library by default to work with FNMT CERES cards, including public employee cards. The card drivers installed on the system are only used if the user disables JMulticard from the desktop interface or if an error occurs while loading the library, such as when the inserted CERES card cannot be identified or any of its dialogs is cancelled. In those cases, the card's CSP or PKCS#11 driver is used, depending on whether Autofirma accesses the Windows store or the Mozilla store, respectively.

Various problems have been detected with some versions of the official FNMT driver. Update your CERES card driver to avoid them.

Card certificates do not appear when accessing the Firefox store

Due to a compatibility issue between Java and the CERES PKCS#11 driver, Autofirma is unable to access your keys after the key store is reloaded or the card is removed and reinserted.

If your card's certificates do not appear in the selection dialog when Autofirma is invoked from Mozilla Firefox, make sure that:

  • The card is registered as a Security Device in Firefox.

  • The web browser itself is able to see the certificates of your card.

  • The certificates on the card are not expired.

  • The installed versions of Firefox, the CERES card driver and Autofirma have the same architecture (32-bit or 64-bit).

  • During the procedure, the card has not been removed at any time and the store has not been forced to reload through the update button of the certificate selection dialog.
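The first and fourth checks above can be scripted. The following is an added example, not part of Autofirma or the FNMT driver: it lists the security devices recorded in a Firefox profile's `pkcs11.txt` and reads the architecture from a Windows PE header. The module name, driver path and PE headers in the sample data are constructed placeholders.

```python
import struct

# PE "Machine" field values from the PE/COFF specification.
PE_MACHINES = {0x014C: "32-bit (x86)", 0x8664: "64-bit (x64)", 0xAA64: "64-bit (ARM64)"}


def pe_architecture(data: bytes) -> str:
    """Return the architecture declared in a Windows PE file's COFF header."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("not a PE file (missing MZ header)")
    (pe_offset,) = struct.unpack_from("<I", data, 0x3C)  # e_lfanew field
    if data[pe_offset:pe_offset + 4] != b"PE\0\0" or len(data) < pe_offset + 6:
        raise ValueError("not a PE file (missing PE signature)")
    (machine,) = struct.unpack_from("<H", data, pe_offset + 4)
    return PE_MACHINES.get(machine, f"unknown (0x{machine:04x})")


def firefox_pkcs11_modules(pkcs11_txt: str) -> dict:
    """Map module name -> library path from a Firefox profile's pkcs11.txt."""
    modules = {}
    for block in pkcs11_txt.replace("\r\n", "\n").split("\n\n"):
        fields = dict(line.split("=", 1) for line in block.splitlines() if "=" in line)
        if fields.get("library"):  # the built-in NSS module has an empty library
            modules[fields.get("name", "?")] = fields["library"]
    return modules


def architectures_match(files: dict) -> bool:
    """files: label -> bytes of a PE binary. True if all share one architecture."""
    return len({pe_architecture(data) for data in files.values()}) == 1


def sample_pe(machine: int) -> bytes:
    """Constructed minimal PE header, used only as sample input."""
    return b"MZ" + b"\0" * 0x3A + struct.pack("<I", 0x40) + b"PE\0\0" + struct.pack("<H", machine)


# Constructed sample of pkcs11.txt; the module name and path are placeholders.
SAMPLE_PKCS11_TXT = (
    "library=\nname=NSS Internal PKCS #11 Module\nNSS=Flags=internal\n\n"
    "library=C:\\path\\to\\card-driver-pkcs11.dll\nname=Card module (placeholder)\n"
)

if __name__ == "__main__":
    print(firefox_pkcs11_modules(SAMPLE_PKCS11_TXT))
    sample = {"firefox.exe": sample_pe(0x8664), "driver.dll": sample_pe(0x014C)}
    print({k: pe_architecture(v) for k, v in sample.items()}, architectures_match(sample))
```

To check a real installation, pass the contents of the profile's `pkcs11.txt` and the bytes of the Firefox, driver and Autofirma binaries read with `open(path, "rb").read()`.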

Signing error with CERES cards from Firefox

Due to a compatibility problem with the PKCS#11 driver of CERES cards (including public employee cards), signing with card certificates is known to cause an error in certain cases. This is common in signatures after the first one with Autofirma (communication over sockets). It has also been observed that consecutive signatures made immediately one after another usually all complete correctly, whereas if there is even a short wait between them, the driver is unable to access the keys and the signing operation fails.

There is currently no solution to this problem. Users are advised to use the Chrome or Edge browsers when using FNMT cards. If you need or prefer to use Firefox, it is recommended to install the 32-bit version of Autofirma to minimize the problem.

Multiple PIN requests in various signing operations

For some versions of the CERES driver, differences have been found between the behavior of the PKCS#11 driver and that of the CSP driver used to access the card's store through the Windows store, and even between the 32-bit and 64-bit implementations of the drivers themselves. Depending on the driver used, the card's PIN may be requested for each signing operation or only once for all operations.

This behavior is external to Autofirma.

Confirmation of the signing operation is requested when certain certificates on an FNMT card are selected

The FNMT card driver requires that, when signing with some certificates, the user give express consent, and it displays a message requesting that authorization. This behavior only occurs with some certificates on the card and is external to Autofirma.
