Re: AW: [Openca-Users] Download certificate onto token

Mon, 21 Feb 2005 14:38:30 -0800

[EMAIL PROTECTED] wrote:
Hello, 

We use Alladin tokens for our users. The Certificate request for the
user is generated on the client machine using the PUB interface of
OpenCA. AFIK this has to be done on the client as the keys are
generated by the token.


i may add some more to this:

it depends on the purpose of the keys, signature keys could/should be generated on the token, since they belong to the user, encryption keys are usaly generated at the ca and get an backup, since even eTokens
get lost/demaged and you may not want to get lost data becouse of this...

so i think one part to answer this question is to ask for such requirements and get out some actions then, where to generate which keys, key backup (for encryption keys for example) and so on...

if download certificates onto token is not working, it is possible to export the p12 files and import them via a webbrowser for example, this will will work with linux/unix and windows, if done under linux


gretings
dalini


Mit freundlichen Gr��en / With Kind Regards Max Schmid


-----Urspr�ngliche Nachricht----- Von:
[EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Im Auftrag von
Cornelius Koelbel Gesendet: Freitag, 18. Februar 2005 18:50 An:
[email protected] Betreff: [Openca-Users] Download
certificate onto token


Hello,

what do I need, to be able to "Download certificate onto token" when
I am in the interface of the ra.

Do I have to plug in the token at the local machine, where the ra is
 running?

What libs are used? OpenSC? What commands are used to download the
certificate (in the background)? I've got an aladdin eToken.

Regards Cornelius 



-------------------------------------------------------
SF email is sponsored by - The IT Product Guide
Read honest & candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now.
http://ads.osdn.com/?ad_ide95&alloc_id396&op=click
_______________________________________________
Openca-Users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/openca-users

Reply via email to