RE: [OpenCA-Devel] Question about LunaCA3

Alamood, Bahaaldin Wed, 13 Apr 2005 08:17:10 -0700

Jakub,

Do this
# ca3util -o -s 1 -I 11:10


Use the patched ****** OpenSSL 0.9.7x ******* like this

Create a self signed certificate after you  have generated the key using
the ca3util program

# openssl req -engine LunaCA3 -new -nodes -key PUT/PATH/TO/KEY-re/FILE
-out request.req -days 400 
#openssl x509 -engine LunaCA3 -req -days 400 -in /PATH/TO/REQUEST/FILE
-signkey PUT/PATH/TO/KEY-ref/FILE -out testcert.crt



Best regards
Bahaa Al-amood


> -----Original Message-----
> From: [EMAIL PROTECTED] [mailto:openca-devel-
> [EMAIL PROTECTED] On Behalf Of Jakub Musialek
> Sent: Wednesday, April 13, 2005 9:45 AM
> To: [email protected]
> Subject: RE: [OpenCA-Devel] Question about LunaCA3
> 
> Hy Bahaa
> 
> Chrystoki2 = {
>    EngineInit = 1:11:10;
>    Handle=10;
>    LibUNIX=/usr/luna/lib/libcrystoki2.so;
>    LibPath = /usr/luna/lib/libcrystoki2.so;
> }
> 
> CardReader = {
>   RemoteCommand=1;
> }
> 
> Luna = {
>   DefaultTimeOut=5000000;
>   PEDTimeout1=1000000;
>   PEDTimeout2=1000000;
> }
> 
> Misc = {
>    LogFile = /var/log/ca3util.log;
> }
> 
> EngineLunaCA3= {
>         LibPath=/usr/luna/lib/libcrystoki2.so;
>         EngineInit=1:11:10;
> }
> 
> That's my config and as you can see i've this line.
> Library is on it place
> 
> -rwxr-xr-x  1 root root 502688 Jan 22 2002
/usr/luna/lib/libcrystoki2.so
> 
> End the only thing that is strange is that openssl haven't enginearg
> command
> 
> opensslEngineArg "-enginearg 1:11:10" i put it in openssl.cnf (or
remove
> it)
> there is no diffrence.
> 
> I've also logout from luna and got the same error so there have to be
> problem connecting Luna with openssl but completly don't know where.
> 
> Rast
> 
> 
> On Tue, 2005-04-12 at 13:08 -0400, Bahaaldin Al-amood wrote:
> > Jakub,
> >
> > do you  have entries like this in your /usr/luna/etc/Chrystoki.conf
> > file?
> >
> >
> > EngineLunaCA3 = {
> >         LibPath=/usr/luna/lib/libcrystoki2.so;
> >         EngineInit=1:11:10;
> > }
> >
> >
> > where 1 = slot
> > 11:10 = app id
> >
> > you  need those so openssl can find the token and session
> >
> >
> > best regards,
> > Bahaa Al-amood




-------------------------------------------------------
SF email is sponsored by - The IT Product Guide
Read honest & candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now.
http://ads.osdn.com/?ad_ide95&alloc_id396&op=click
_______________________________________________
OpenCA-Devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/openca-devel

RE: [OpenCA-Devel] Question about LunaCA3

Reply via email to