Re: [opencryptoki-users] Problems with TrouSerS PKCS#11 interface
Brought to you by:
ebarretto
From: Eduardo P. M. <ep...@ci...> - 2013-08-07 11:26:01
|
I'm trying to import it into Firefox's "Your Certificates" tab (Edit -> Preferences -> Encryption tab -> View Certificates -> Your Certificates tab -> Import) 2013/8/6 Joy M. Latten <jml...@li...> > Hi, > > On Thu, 2013-08-01 at 10:16 -0300, Eduardo Peixoto Macedo wrote: > > Hi, > > > > I'm trying to import a certificate signed using the tpm engine > > (openssl-tpm-engine) into Firefox on Ubuntu 12.04. > > > > I'm using Infineon TPM and I have already configured the tpm token > > with 'tpmtoken_init'. The PKCS#11 module (libopencryptoki.so) was > > successfully imported on Firefox. But when I try to import a > > certificate I get the following alert: > > > > "Failed to decode the file. Either it is not in PKCS #12 format, has > > been corrupted, or the password you entered was incorrect." > > > > So you are generating and signing the certificate in > openssl-tpm-engine... > How are you importing the certificate into tpm-token in opencryptoki? > > > Here is the command that I am using to generate the certificate: > > > > "openssl req -keyform engine > > -engine /usr/local/lib/openssl/engines/libtpm.so -key Authroity.key > > -x509 -out Authority.crt" > > > > I tried to create another certificate using: > > > > "openssl req -keyform engine > > -engine /usr/local/lib/openssl/engines/libtpm.so -key Client.key -new > > -out Client.csr" > > and: > > "openssl x509 -req -in Client.csr -CA Authority.crt -CAkey > > Authority.key -CAkeyform engine > > -engine /usr/local/lib/openssl/engines/libtpm.so -CAcreateserial -out > > Client.crt" > > > > The keys "Authority.key" and "Client.key" were generated using > > "create_tpm_key". > > > > > > > > > > > > But I get the alert when I try to import any of them. > > Am I doing something wrong? > > > ------------------------------------------------------------------------------ > > Get your SQL database under version control now! > > Version control is standard for application code, but databases havent > > caught up. So what steps can you take to put your SQL databases under > > version control? Why should you start doing it? Read more to find out. > > > http://pubads.g.doubleclick.net/gampad/clk?id=49501711&iu=/4140/ostg.clktrk > > _______________________________________________ opencryptoki-users > mailing list ope...@li... > https://lists.sourceforge.net/lists/listinfo/opencryptoki-users > > > |