[Ejbca-develop] Can't create a CA/key with nCiper on EJBCA 6.0.3

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

Hello folks,

I'm trying to have a CA managed by a nshield NCipher, here what I did :

- create the RFS
- create a persistent OCS named "EJBCA"

- uncomment all references to PKCS11 provider in web.properties

When I try to create a key, using the following command:

/opt/nfast/bin/preload -c EJBCA ./dist/clientToolBox/ejbcaClientToolBox.sh PKCS11HSMKeyTool generate /opt/nfast/toolkits/pkcs11/libcknfast.so 4096 defaultRoot i1

I have the following exception:

java.security.ProviderException: sun.security.pkcs11.wrapper.PKCS11Exception: 

whatever the password I gave.

Environnment:

- JBoss 7.1.1 Final, with sun/security/pkcs11 added in JDK modules.xml,
  otherwhise nCipher Token Provider was not found
- Oracle JDK 1.7.51 with JCE extension

Note that I'm able to create a key using nCipher's tool generatekey,
with pkcs11 application.

Thanks a lot for you help!
-- 
http://asyd.net/home/    - Home Page
http://netvibes.com/asyd - Portal