[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

"Home-made" PKCS certificates, soft-pkcs and PKINIT

To: heimdal-discuss@sics.se
Subject: "Home-made" PKCS certificates, soft-pkcs and PKINIT
From: mkondrin <mkondrin@hppi.troitsk.ru>
Date: Mon, 21 Apr 2008 12:13:20 +0400
List-Archive: <http://list.sics.se/sympa/arc/heimdal-discuss>
List-Help: <mailto:sympa@sics.se?subject=help>
List-Id: <heimdal-discuss.sics.se>
List-Owner: <mailto:heimdal-discuss-request@sics.se>
List-Post: <mailto:heimdal-discuss@sics.se>
List-Subscribe: <mailto:sympa@sics.se?subject=subscribe%20heimdal-discuss>
List-Unsubscribe: <mailto:sympa@sics.se?subject=unsubscribe%20heimdal-discuss>
Reply-To: heimdal-discuss@sics.se, mkondrin <mkondrin@hppi.troitsk.ru>
User-Agent: Thunderbird 1.5.0.7 (X11/20060909)

Dear Heimdal developers and users!

How should I make certtificates to be usable with pkinit and soft-pkcs 
module.
I have made self-signed certificates with hxtool. I have installed 
soft-pkcs11 module too. I have placed tab-separated .soft-token.rc file 
in my home directory:

mike     "Certificate for user mike"      /home/mike/secure/mike.pem
anchor   CA cert           /etc/ssl/ca.crt

But when I call

kinit -C PKCS11:/usr/local/lib/soft-pkcs11.so mike

it asks me about PIN code for certificate and after I simply hit Enter 
aborts.

I think that PIN-code for "home-made" certificates is a passphrase for 
encrypted certificates but is it possible with hxtool to make encrypted 
certificates ?

Thank you in advance!

M.Kondrin

Follow-Ups:
- Re: "Home-made" PKCS certificates, soft-pkcs and PKINIT
  - From: MKondrin <mkondrin@hppi.troitsk.ru>

Prev by Date: Re: heimdl 1.2rc1
Next by Date: Re: PKINIT and login
Prev by thread: AFS & Kerberos Best Practices Workshop 2008: Early Bird RegistrationDeadline April 21
Next by thread: Re: "Home-made" PKCS certificates, soft-pkcs and PKINIT
Index(es):
- Date
- Thread