[Opendnssec-user] SoftHSM and Java

Rickard Bellgrim rickard at opendnssec.org
Mon Jun 20 13:34:59 UTC 2011

Hi Peter

On Mon, Jun 20, 2011 at 3:26 PM, Peter Hudec <peter.hudec at swan.sk> wrote:
> I played al little bit with trunk version, but was not able to import certificate file
> by cli.
> The input file must be in PKCS8 format so how do I convert the CRT file from PEM
> to PKCS8, while the PKCS8 is only for storing the private keys?

Sorry about that. The support for certificates is through the PKCS#11
interface. Not implemented in the CLI. The CLI only imports private
and public keys.

> Please could you /or anybody else/ send my some stupid proof example how to store
> the cert file in the softhsm? /cli version/. I tried olso the switch --type
> but maybe with wrong file type ;(

Perhaps trying something like this with pkcs11-tool (maybe missing
some arguments):
pkcs11-tool --module=/usr/local/lib/libsofthsm.so -p 1234 -l -y cert
-a LABEL -d 1234567890 -w server.crt

// Rickard

More information about the Opendnssec-user mailing list