Christian Schneider wrote:
the problem is that you do not only need a public/private key pair but also a certificate. If you generate the key on the card with xcard then the private key is normally not readable. That is one of the core security features of smartcards. But if you want to issue a certificate signing request you need to sign it with your private key to proof that you own the key and have the right to get the certificate for this key. As openssl does not work with muscle yet you can not sign the csr.
Thanks so much for your detailed response. Am I to understand from this that the muscle PKCS11 layer is incomplete? Or just that cert signing is not a part of PKCS11?
Carl Youngblood
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ Muscle mailing list [EMAIL PROTECTED] http://lists.drizzle.com/mailman/listinfo/muscle
