Learn how easy it is to sync an existing GitHub or Google Code repo to a SourceForge project! See Demo

Close

EJBCA PKCS11

mtrad
2014-01-27
2014-01-31
  • mtrad
    mtrad
    2014-01-27

    Hello,
    I am using ejbca 6.0.3 on windows 7, I have in the cryptoken tokens properties Type 'Soft' but I cant find 'PKCS#11' in the drop down ...
    Does anyone know how to fix this problem ?
    Thank you,

     
    Last edit: mtrad 2014-01-27
  • mtrad
    mtrad
    2014-01-28

    hello,
    I am using Jboss-5.1.0.GA,
    I followed the Jboss 5.1.x instructions to fix the bug and I am facing the same issue,
    Thanks,

     
  • Then you are using Windows 64 bit. Java for Windows 64 bit does not suport PKCS#11.

     
  • mtrad
    mtrad
    2014-01-28

    no, I am using windows 7 /32 bits

     
  • mtrad
    mtrad
    2014-01-30

    Hello,
    I have a latest EJBCA version(6.0.3) deployed on windows 7/32 bits machine configured on:
    •MySQL Workbench 6.0
    •apache-ant-1.9.3
    •OpenJDK 6 JDK (jdk-6u45-windows-i586)
    •JCE (Java Cryptographique Extension) 6
    •jboss-5.1.0.GA
    •MySQL Java Connector 5 (mysql-connector-java-gpl-5.1.28)
    I am facing a bug in EJBCA in the crypto Tokens properties that contains just a Type soft without PKCS#11. we have tried to fix the bug as the instructions followed in the URL below:
    http://ejbca.org/docs/installation.html#JBoss
    but the issue still not resolved...

    Kindly,
    Does anyone have another prerequisites configuration which fix the PKCS#11 bug?
    Thank you
    warms regards

     
    Last edit: mtrad 2014-01-30
  • It's not a bug, it's a feature. If EJBCA can not find any "known" PKCS#11 implementation, it will not display any possibilty for PKCS#11 (since you have no p11 installed).

    Please see the documentation how to configure EJBCA if you have a P11 that is not known by default:
    http://ejbca.org/docs/adminguide.html#Hardware%20Security%20Modules%20%28HSM%29

    You will also be able to see in a DEBUG log (if you enable debug logging and practice how to understand the log :-)) how things are searched for and loaded.

    Cheers,
    Tomas


    PrimeKey Solutions offers commercial EJBCA and SignServer support subscriptions and training courses. Please see www.primekey.se or contact info@primekey.se for more information.
    http://www.primekey.se/Services/Support/
    http://www.primekey.se/Services/Training/

     
  • mtrad
    mtrad
    2014-01-30

    ok, I have configured web.properties and create PKCS#11 using 'ejbca cryptotoken create' command and it is generated successfully, It's shown in the admin GUI with Crypto Token properties,
    but the issue now that it is not shown in the 'Certification Authorities' in the Crypto Token properties in the drop down,
    what is the problem now :S
    Thank you

     
    Last edit: mtrad 2014-01-30
  • mtrad
    mtrad
    2014-01-31

    hello,
    when I am creating a new token on GUI, I can see all slots in PKCS#11 Reference on HSM
    but I have an authentication message on slot 1 when I am login
    ' For Input String "Slot1" ' but I see an attribute file which is set to 'Default'
    Is it the issue or something else ? thanks for help Mr Thomas ...

     
    Last edit: mtrad 2014-01-31