Rishi Renjith wrote: > Regarding the other part.. > when I add the hardware accelerator to my NSS database using modutil, > and list it, I get the following output. > # modutil -list -dbdir . > Listing of PKCS #11 Modules > ----------------------------------------------------------- > 1. NSS Internal PKCS #11 Module > slots: 2 slots attached > status: loaded > > slot: NSS Internal Cryptographic Services > token: NSS Generic Crypto Services > > slot: NSS User Private Key and Certificate Services > token: NSS Certificate DB > > 2. Sun Crypto Accelerator > library name: /usr/lib/libpkcs11.so > slots: 2 slots attached > status: loaded > > slot: Sun Metaslot > token: Sun Metaslot > > slot: Sun Crypto Softtoken > token: Sun Software PKCS#11 softtoken > > I am confused why the slot "Sun Crypto Softtoken" is also being listed, > shouldn't it be the hardware accelerator slots that should be listed > with the Sun Metaslot? > > any suggestions?
By running 'cryptoadm enable metaslot token=...' you hide the hardware accelerator token as the default "Sun Metaslot", this makes the "Sun Software PKCS#1 softtoken" slot visible. Which ever token is marked as the default token object store for metaslot is hidden from the list and "renamed" "Sun Metaslot". -- Darren J Moffat
