smartcard:etoken
Differences
This shows you the differences between two versions of the page.
| Next revision | Previous revision | ||
| smartcard:etoken [2017/10/20 14:42] – angelegt Martin | smartcard:etoken [2017/10/20 15:10] (current) – [Nutzung eines SafeNet eToken PRO unter Linux] Martin | ||
|---|---|---|---|
| Line 9: | Line 9: | ||
| < | < | ||
| $ pkcs11-tool --module / | $ pkcs11-tool --module / | ||
| + | Using slot 0 with a present token (0x0) | ||
| + | Please enter the new SO PIN: | ||
| + | Please enter the new SO PIN (again): | ||
| + | Token successfully initialized | ||
| + | </ | ||
| + | Setzen der Benutzer-PIN | ||
| + | < | ||
| + | $ pkcs11-tool -l --init-pin | ||
| + | Using slot 0 with a present token (0x0) | ||
| + | Logging in to " | ||
| + | Please enter SO PIN: | ||
| + | Please enter the new PIN: | ||
| + | Please enter the new PIN again: | ||
| + | User PIN successfully initialized | ||
| </ | </ | ||
| Line 15: | Line 29: | ||
| $ pkcs11-tool --module / | $ pkcs11-tool --module / | ||
| -l -k --key-type RSA:1024 -d 1 -a "< | -l -k --key-type RSA:1024 -d 1 -a "< | ||
| + | Using slot 0 with a present token (0x0) | ||
| + | Logging in to " | ||
| + | Please enter User PIN: | ||
| + | Key pair generated: | ||
| + | Private Key Object; RSA | ||
| + | label: | ||
| + | ID: 01 | ||
| + | Usage: | ||
| + | Public Key Object; RSA 1024 bits | ||
| + | label: | ||
| + | ID: 01 | ||
| + | Usage: | ||
| </ | </ | ||
| - | Zertifikatsanfrage erstellen. Als Vorarbeit muss der Pfad zur Bibliothek der zur OpenSSL-Version passenden PKCS# | + | Zertifikatsanfrage erstellen, signieren und in das benötigte DER-Format konvertieren. Als Vorarbeit muss der Pfad zur Bibliothek der zur OpenSSL-Version passenden PKCS# |
| < | < | ||
| $ openssl version | $ openssl version | ||
| Line 36: | Line 62: | ||
| OpenSSL> engine dynamic -pre SO_PATH:/ | OpenSSL> engine dynamic -pre SO_PATH:/ | ||
| -pre ID:pkcs11 -pre LIST_ADD:< | -pre ID:pkcs11 -pre LIST_ADD:< | ||
| + | OpenSSL> req -engine pkcs11 -new -key 1 -keyform engine -x509 -out < | ||
| + | OpenSSL> x509 -in < | ||
| </ | </ | ||
| Schließlich können wir dieses Zertifikat in den eToken schreiben. Achtung: Korrekte ID (-d) und Label (-a) verwenden. | Schließlich können wir dieses Zertifikat in den eToken schreiben. Achtung: Korrekte ID (-d) und Label (-a) verwenden. | ||
| + | < | ||
| + | pkcs11-tool --module / | ||
| + | Using slot 0 with a present token (0x0) | ||
| + | Logging in to " | ||
| + | Please enter User PIN: | ||
| + | Created certificate: | ||
| + | Certificate Object, type = X.509 cert | ||
| + | label: | ||
| + | ID: 01 | ||
| + | </ | ||
| + | |||
| + | ===== Links ===== | ||
| + | [[https:// | ||
| + | |||
smartcard/etoken.1508510538.txt.gz · Last modified: 2017/10/20 14:42 by Martin