Menu
▾
▴
[Opensc-devel] piv-tool key generation
|
From: Charlie B. <cha...@gm...> - 2013-05-15 17:11:17
|
Is there a better technique for generating the first certificate for either the 9A, 9C, 9D or 9E keys than the one described in the wiki? The pkcs11 openssl engine does not see the private key that I generated using piv-tool until after I set the certificate for the first time. I had to fall back to manually crafting the cert with bouncycastle. Once I sent down this generated cert the pkcs15-tool was able to see the public key, private key and cert properly. Any time after this point I can use the piv-tool to erase and reset the keys/certs without a problem. Could this just be a result of the cards implementation of PIV? Or is this something related to OpenSC itself do you think? Charles Bancroft Software Engineer Raytheon BBN Technologies |
