On 12/23/2013 4:38 AM, Jan Just Keijser wrote:
Hi,
>> Its been a while since I tried / checked, but is there any support for
>> generating keys on an actual hardware token in Windows ?
>> Specifically, it would be great if I could do this with the
>> Safenet/Aladin java etoken.
>>
>> I can do it on Unix using the older non java version keys, but I never
>> quite figured out how to do it in Windows, and there is no Java etoken
>> support that I have found on FreeBSD as it requires pkcs15 via OpenSC.
>>
> the newer Safenet java etokens require the Safenet driver software (or
> Aladdin eToken driver v5.0+). If you don't have access to this software
> then you're out of luck. If you do have access then generating keys on
> the token is doable (but not supported by easy-rsa at this moment).
> I've written scripts that work in both Windows (cygwin) and Linux to
> generate and install keys and certs on Aladdin/SafeNet etokens
> (32K/64K/72K). At one point I documented this for an older version of
> the eToken driver
> http://wiki.nikhef.nl/grid/EToken
> esp section
> http://wiki.nikhef.nl/grid/Storing_your_grid_certificate_on_an_Aladdin_eToken
>
> but the basic principe is the same for the newer driver (use
> eTPKcs11.dll on Windows)
> If there's any interest we could integrate this into the easy-rsa
> scripts, but as Eric Crist pointed out, this is VERY hardware and
> platform dependent.
Thanks! I will give this a try over the holidays. I do have the drivers
and client software for Windows. I just was never able to get a cert
generated under windows
---Mike
--
-------------------
Mike Tancsa, tel +1 519 651 3400
Sentex Communications, m...@sentex.net
Providing Internet services since 1994 www.sentex.net
Cambridge, Ontario Canada http://www.tancsa.com/
