Re: [opencryptoki-users] Problems with TrouSerS PKCS#11 interface
Brought to you by:
ebarretto
Menu
▾
▴
Re: [opencryptoki-users] Problems with TrouSerS PKCS#11 interface
|
From: Eduardo M. <ep...@ci...> - 2013-08-12 12:02:41
|
Ok, thanks for the help 2013/8/8 Joy M. Latten <jml...@li...> > Ok, I will take a look... > > regards, > Joy > > On Thu, 2013-08-08 at 08:37 -0300, Eduardo Peixoto Macedo wrote: > > I'm trying to import it into Firefox's "Your Certificates" tab (Edit > > -> Preferences -> Encryption tab -> View Certificates -> Your > > Certificates tab -> Import) > > > > > > > > 2013/8/7 Eduardo Peixoto Macedo <ep...@ci...> > > I'm trying to import it into Firefox's "Your Certificates" tab > > (Edit -> Preferences -> Encryption tab -> View Certificates -> > > Your Certificates tab -> Import) > > > > > > 2013/8/6 Joy M. Latten <jml...@li...> > > > > Hi, > > > > On Thu, 2013-08-01 at 10:16 -0300, Eduardo Peixoto > > Macedo wrote: > > > Hi, > > > > > > I'm trying to import a certificate signed using the > > tpm engine > > > (openssl-tpm-engine) into Firefox on Ubuntu 12.04. > > > > > > I'm using Infineon TPM and I have already configured > > the tpm token > > > with 'tpmtoken_init'. The PKCS#11 module > > (libopencryptoki.so) was > > > successfully imported on Firefox. But when I try to > > import a > > > certificate I get the following alert: > > > > > > "Failed to decode the file. Either it is not in > > PKCS #12 format, has > > > been corrupted, or the password you entered was > > incorrect." > > > > > > > > > So you are generating and signing the certificate in > > openssl-tpm-engine... > > How are you importing the certificate into tpm-token > > in opencryptoki? > > > > > Here is the command that I am using to generate the > > certificate: > > > > > > "openssl req -keyform engine > > > -engine /usr/local/lib/openssl/engines/libtpm.so > > -key Authroity.key > > > -x509 -out Authority.crt" > > > > > > I tried to create another certificate using: > > > > > > "openssl req -keyform engine > > > -engine /usr/local/lib/openssl/engines/libtpm.so > > -key Client.key -new > > > -out Client.csr" > > > and: > > > "openssl x509 -req -in Client.csr -CA Authority.crt > > -CAkey > > > Authority.key -CAkeyform engine > > > -engine /usr/local/lib/openssl/engines/libtpm.so > > -CAcreateserial -out > > > Client.crt" > > > > > > The keys "Authority.key" and "Client.key" were > > generated using > > > "create_tpm_key". > > > > > > > > > > > > > > > > > > But I get the alert when I try to import any of > > them. > > > Am I doing something wrong? > > > > > > > > ------------------------------------------------------------------------------ > > > Get your SQL database under version control now! > > > Version control is standard for application code, > > but databases havent > > > caught up. So what steps can you take to put your > > SQL databases under > > > version control? Why should you start doing it? Read > > more to find out. > > > > > > http://pubads.g.doubleclick.net/gampad/clk?id=49501711&iu=/4140/ostg.clktrk > > > _______________________________________________ > > opencryptoki-users mailing list > > ope...@li... > > > https://lists.sourceforge.net/lists/listinfo/opencryptoki-users > > > > > > > > > > > > > > > |
