Hi Chris (and read-only newsgroup users also :o) ). Sure you need to install smartcard/token libraries. Sometimes they are called RTE (Run Time Environment). Gemplus smartcards also needs libraries. Mine are called GemSafe Libraries 4.2.0 SP2 Gold.
We are using smartcards and tokens, but smartcards more often. The whole proces looks like so: - take working Windows XP; - install card libraries; - install reader drivers (if you are using Gemplus reader, it's likely that they will came with card libraries); - insert clean new (not formatted/inicialized and so on) card to reader; - go to OpenCA /pub interface, fill in the form, choose cryptographic service provider "Gemplus GemSAFE Card CSP" (or another one, appropriate for your card/token) from "Cryptographic device" drop down, and submit form; - issue certificate; - receive e-mail from CA (or RA, depends on your configuration) with URL to new certificate; - follow that link from the same PC, same user and same browser, from which you have submitted request; - while asked, install certificate. That's it. Regards, Dmitrij -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Chris Sent: Saturday, March 17, 2007 10:21 AM To: 'Ideas, tips and discussions about OpenCA installation and management.' Subject: Re: [Openca-Users] Smartcard usage Hi Dmitrij, Thanks for that info... Did you have to install any libraries/drivers? And is the whole process working (generating key on card / importing certificate onto card)? Are you using the card or the usb token? Thanks in advance, Chris -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Dmitrij Mironov Sent: Wednesday, March 14, 2007 9:05 PM To: 'Ideas, tips and discussions about OpenCA installation and management.' Subject: Re: [Openca-Users] Smartcard usage Hi Chris, I use OpenCA with Gemplus GemSafe Xpresso smartcards. My operator environment is Windows XP Pro + IE 6.x/7.x + Gemsafe RTE. I have no problems with generating request for certificate in OpenCA PUB interface. I did not preinitialize smartcards, just put them in reader, fill in the form, choose crypto provider (Gemsafe) and submit. I heard that cards is not working (or just partially working) in Windows environment when they are initialized in opensc (Unix environment). Good luck. Dmitrij -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Chris Sent: Wednesday, March 14, 2007 9:41 AM To: 'Ideas, tips and discussions about OpenCA installation and management.' Subject: [Openca-Users] Smartcard usage Hi, I'm trying to use Smartcards with Openca in internet explorer. When I'm at the stage of selecting the plugin, I'm using either: - the Microsoft cryptographic Smard card basic module - in which case I'm always getting the message that the inserted smartcard cannot be used... - the (only working) GEMSAFE provider, which tells me 'The smartcard does not contain the required keys'... The Gemsafe16K card is inistialised with opensc, I tried it with and without preinstalled private keys. The other cards are not initialised- therefore probably not working, have to sort that out yet. Does anyone have experience with this procedure and can give me any hints? I want to be able to write keys, and later (after issuing...) the certificates on a smartcard, without manual/administrative involvement... just user based. Any help appreciated, Thanks in advance, Chris ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys-and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV _______________________________________________ Openca-Users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openca-users ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys-and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV _______________________________________________ Openca-Users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openca-users __________ NOD32 2113 (20070313) Information __________ This message was checked by NOD32 antivirus system. http://www.eset.com ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys-and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV _______________________________________________ Openca-Users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openca-users ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys-and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV _______________________________________________ Openca-Users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openca-users
