Hi, >> this is a little bit off topic, but I hope somebody has an idea.... >> >> I use OpenSC to append a smart-card to OpenCA and want to get rid of the >> passwort dialog on OpenCA. I think this shoulb be possible by unlocking >> the Smartcard by entering its PIN on startup and than access it withput >> the PIN. > > are you talking about using the smart card as a cheep HSM for the CA ? If > so, then it should just be a config thing as the Luna and nShield don't > ask for passwords at the CA.
without having looked at it, I think it could work this way: If I am not mistaken, OpenSC provides a PKCS#11 engine for OpenSSL. There is also a PKCS#11 to PKCS#11 bridge available (I think also from OpenSC, pkcs11spy) that allows debugging the interface. Bahaa told me about this during the Workshop. So what you could do is to hack this PKCS#11 bridge to query the PIN from a daemon process: OpenSSL | PKCS#11 Bridge <----> PIN Daemon PKCS#11 | OpenSC | Smartcard Just an idea. Martin ------------------------------------------------------- This SF.Net email is sponsored by the JBoss Inc. Get Certified Today * Register for a JBoss Training Course Free Certification Exam for All Training Attendees Through End of 2005 Visit http://www.jboss.com/services/certification for more information _______________________________________________ Openca-Users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openca-users
