[Opendnssec-user] SoftHSM and Java

Rickard Bellgrim rickard at opendnssec.org
Fri Jun 17 13:28:41 UTC 2011


On Fri, Jun 17, 2011 at 3:04 PM, Rickard Bellgrim
<rickard at opendnssec.org> wrote:
> On Fri, Jun 17, 2011 at 2:47 PM, Rickard Bellgrim
> <rickard at opendnssec.org> wrote:
>> It works with SoftHSM from trunk.
>>
>> rickard at fou:~/javatest$ java Main
>> Alias: MyCert/1.2.840.113549.1.9.1=#16157269636b617264624063657274657a7a612e6e6574,cn=rickard
>> bellgrim,ou=fou,o=.se,l=stockholm,st=stockholm,c=se/17127753708335508683
>
> Ok, the java program only found the cert. Will try to investigate why
> it could not find the private and public keys.

It looks ok from the PKCS#11 perspective. All the calls to SoftHSM are
returned with a positive answer containing the information it asked
for. There is nothing in the returned data that makes me suspect that
Java aborts the search. See output from PKCS#11-spy.

So I think it is more about the Java code and what that function call does.

(If you want to handle certificates, then I recommend using SoftHSM
trunk which now has support for it.)

// Rickard
-------------- next part --------------
A non-text attachment was scrubbed...
Name: p11.out
Type: application/octet-stream
Size: 9717 bytes
Desc: not available
URL: <http://lists.opendnssec.org/pipermail/opendnssec-user/attachments/20110617/48423a6d/attachment.obj>


More information about the Opendnssec-user mailing list