Menu
▾
▴
Re: [Ejbca-develop] Can't create a CA/key with nCiper on EJBCA 6.0.3
|
From: Tomas G. <to...@pr...> - 2014-02-27 16:14:40
|
When using clientToolBox JBoss is not involved at all. You need to check the error message returned from nCipher PKCS#11, it will be in the stack trace that you only showed the first line from. Did you start pre-load loading all the cards first? On 02/27/2014 06:29 AM, Bruno Bonfils wrote: > Hello folks, > > I'm trying to have a CA managed by a nshield NCipher, here what I did : > > - create the RFS > - create a persistent OCS named "EJBCA" > > - uncomment all references to PKCS11 provider in web.properties > > When I try to create a key, using the following command: > > /opt/nfast/bin/preload -c EJBCA ./dist/clientToolBox/ejbcaClientToolBox.sh PKCS11HSMKeyTool generate /opt/nfast/toolkits/pkcs11/libcknfast.so 4096 defaultRoot i1 > > I have the following exception: > > java.security.ProviderException: sun.security.pkcs11.wrapper.PKCS11Exception: > > whatever the password I gave. > > Environnment: > > - JBoss 7.1.1 Final, with sun/security/pkcs11 added in JDK modules.xml, > otherwhise nCipher Token Provider was not found > - Oracle JDK 1.7.51 with JCE extension > > Note that I'm able to create a key using nCipher's tool generatekey, > with pkcs11 application. > > Thanks a lot for you help! > |
