Hi, i'm fairly new to this but yubikey have become so cheap i would like to use it to generate and protect the keys of our Issuing CA. I bought the yubikey 5 which comes with their own PKCS#11 module libykcs11, but when I want to add it in XCA it shows it with a cross :( Then I tried with OpenSC PKCS#11 module, that one shows a green mark in XCA but fails to initialize anything.
Has anyone tried or succeeded to use a yubikey through XCA? How? With what module? Did you have to initialize some stuff with other tools first?
Thank you !
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
What operating system do you use and what version of XCA?
Please check whether the PKCS#11 library has the same bitwitdh as XCA (usually 64bit)
If you hover over the lib with the cross, it should pop-up an error.
I used the yubikey4 some time before (and there is still a bug pending), but basically it should work,
Please switch to the github repository, where current xca development happens. https://github.com/chris2511/xca
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Hi, i'm fairly new to this but yubikey have become so cheap i would like to use it to generate and protect the keys of our Issuing CA. I bought the yubikey 5 which comes with their own PKCS#11 module libykcs11, but when I want to add it in XCA it shows it with a cross :( Then I tried with OpenSC PKCS#11 module, that one shows a green mark in XCA but fails to initialize anything.
Has anyone tried or succeeded to use a yubikey through XCA? How? With what module? Did you have to initialize some stuff with other tools first?
Thank you !
What operating system do you use and what version of XCA?
Please check whether the PKCS#11 library has the same bitwitdh as XCA (usually 64bit)
If you hover over the lib with the cross, it should pop-up an error.
I used the yubikey4 some time before (and there is still a bug pending), but basically it should work,
Please switch to the github repository, where current xca development happens.
https://github.com/chris2511/xca