Time to complain about the question... (somebody always does)
A USER can be created for a certificate or asymmetric key, but they cannot Login:
Users that cannot authenticate These users cannot login to SQL Server.
* User without a login. Cannot login but can be granted permissions.
* User based on a certificate. Cannot login but can be granted permissions and can sign modules.
* User based on an asymmetric key. Cannot login but can be granted permissions and can sign modules.
The question explicitly said "A login can be created", where the interpretation of the word login implies the ability to login into the database server. The documentation clearly says certificates and asymmetric keys cannot login.