Hello there, me again ;) I am trying to generate a request with a Cryptoflex 32k e-gate token from Axalto using OpenCA FrontEnd. Big trouble... What I want is: * at the start: my token is initialized with a pin code, that is pkcs15-init -EC -T --label 'Carte03' --no-so-pin pkcs15-init -P -T --auth-id 01 --label 'Ope03' --pin 1234 --puk 4321
(I also tried pkcs15-init -EC -T --no-so-pin -c flex_onepin pkcs15-init -P --pin 1234 --puk 1234 -a 1 -l PIN1 -T -c flex_onepin that normally does not require the transport key when generating the keypair) * at the end: the keypair and the certificate on the token. So I use Mozilla Firefox and my OpenCA Public interface to request a certificate with the 'Request a certificate with automatic browserdetection' option. Firefox recognizes my token (gives me a list with my token and the default browser token), I can then choose it and enter my token PIN code. Then the window 'generation of the private key' appears but actually nothing seems to be generated and my token is empty. Logically my CSR does not have any public key that goes along with it normally, that is why I have got the following error when I try to approve the request in the RA, because the pub key = NULL: " Error 700 General Error A Certificate with the same public key exists! This is a keycompromise of the certificates with the serial: 1 2 ... Please revoke the certificates and delete the request." My problem is not only OpenCA-related I think but if anyone went this way, any help is definitely welcome! My config: using Debian Sarge - OpenCA 0.9.2.1 - OpenSSL 0.9.7e-2 - Opensc 0.9.6-1 with Mozilla plugin - Openct 0.6.4-2 - Mozilla Firefox 1.0.4-2 Regards, Pierre ------------------------------------------------------- This SF.Net email is sponsored by Yahoo. Introducing Yahoo! Search Developer Network - Create apps using Yahoo! Search APIs Find out how you can build Yahoo! directly into your own Applications - visit http://developer.yahoo.net/?fr=offad-ysdn-ostg-q22005 _______________________________________________ Openca-Users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openca-users
