Re: [OCF] Smart cards and SSL

Tue, 09 Jan 2001 11:45:28 -0800 


Hi Douglas,

I am able to authenticate with an apache-ssl server (the only one I have 
tried it with, but really the issue is client-side anyway) using a GPK8000 
card, specifically the Gemplus GemSafe card. I'm not sure this will be of 
any use to you as it does not involve either OCF or JSSE - the method used 
was simply the GemSafe Workstation wrappers for PKCS11 (under Netscape) or 
Microsoft IE's CSP for storing the certificate to the card.

Both browsers have an option after you install GemSafe that allow you to 
save the certificate to your card rather than to your hard drive when you 
sign up for a certificate -- you simply choose that option and the browsers 
know to store and also look for the information on your default reader.

I wish I could be more helpful, I think I have a readme of the process 
around somewhere if you would like to read it,
Gila.

At 05:11 PM 1/9/01 -0300, [EMAIL PROTECTED] wrote:

>Hello,
>I would like to hear on people's experiences about SSL client
>authentication using certificates and private keys stored in smart cards.
>Particularly, I would like to know whether anyone has already used JSSE
>(http://java.sun.com/products/jsse/) 1.0.2 to open an SSL connection
>between two endpoints that authenticate themselves to each other using a
>smart card. I think this is an important proof of concept for us using or
>learning to use OCF and I look forward to using this in my future projects.
>Regards,
>Douglas

..~..~..~..~..~..~..~..~..~..~..~..~..~..~..~..~..~..~..~..~..~..~..
Gila Sheftel                              Developper, R&D, CTO Group    
Gemplus Inc.                             (514) 732-2459         

Noir comme la nuit, chaud comme l'enfer, doux comme l'amour,
  et pur comme un ange.

-- Henry David Thoreau, talking about how he likes his coffee. :)



---
> Visit the OpenCard web site at http://www.opencard.org/ for more
> information on OpenCard---binaries, source code, documents.
> This list is being archived at http://www.opencard.org/archive/opencard/

! To unsubscribe from the [EMAIL PROTECTED] mailing list send an email
! to
!                           [EMAIL PROTECTED]
! containing the word
!                           unsubscribe 
! in the body.

Reply via email to