[Opendnssec-user] SoftHSM and Java
peter.hudec at swan.sk
Mon Jun 20 13:26:32 UTC 2011
I played al little bit with trunk version, but was not able to import certificate file
The input file must be in PKCS8 format so how do I convert the CRT file from PEM
to PKCS8, while the PKCS8 is only for storing the private keys?
Please could you /or anybody else/ send my some stupid proof example how to store
the cert file in the softhsm? /cli version/. I tried olso the switch --type
but maybe with wrong file type ;(
On 06/17/2011 03:28 PM, Rickard Bellgrim wrote:
> On Fri, Jun 17, 2011 at 3:04 PM, Rickard Bellgrim
> <rickard at opendnssec.org> wrote:
>> On Fri, Jun 17, 2011 at 2:47 PM, Rickard Bellgrim
>> <rickard at opendnssec.org> wrote:
>>> It works with SoftHSM from trunk.
>>> rickard at fou:~/javatest$ java Main
>>> Alias: MyCert/1.2.840.1135184.108.40.206=#16157269636b617264624063657274657a7a612e6e6574,cn=rickard
>> Ok, the java program only found the cert. Will try to investigate why
>> it could not find the private and public keys.
> It looks ok from the PKCS#11 perspective. All the calls to SoftHSM are
> returned with a positive answer containing the information it asked
> for. There is nothing in the returned data that makes me suspect that
> Java aborts the search. See output from PKCS#11-spy.
> So I think it is more about the Java code and what that function call does.
> (If you want to handle certificates, then I recommend using SoftHSM
> trunk which now has support for it.)
> // Rickard
Mgr. Peter Hudec
Divízia stratégie a rozvoja
(Research and Development Department)
Borská 6, 841 04 Bratislava 4
More information about the Opendnssec-user