Comments (5)
On 9/12/2013 6:19 AM, sanaullah82 wrote:
I am trying to write pem certificates in softhsm using pkcs11-tool but it feels that, pem based certificate are not supported by pkcs11-tool. pkcs11-tool can only write a DER certificate.
OpenSSL is your friend...
openssl x509 -inform PEM -outform DER < cert.pem > cert.der
openssl pkcs12 -help
Openvpn implementation can only read pem/p12 certificates from any smart card or hsm. I need this to integrate with openvpn? please let me know if there is a way?
Certificates are always stored in DER (ASN.1) on the card. PEM is just a base 64 encoding of the DER.
Regards,
Sanaullah—
Reply to this email directly or view it on GitHub #181.
Douglas E. Engert [email protected]
Argonne National Laboratory
9700 South Cass Avenue
Argonne, Illinois 60439
(630) 252-5444
from opensc.
thanks for the response.
OpenSSL is your friend...
openssl x509 -inform PEM -outform DER < cert.pem > cert.der
I have used the same above commands to write the certs in softhsm and its ok.
but when i try to list the certs using openvpn pkcs11 interface. its unable to list any certs.
I have tested some smart cards, they are working with openvpn. I wrote the pem encoded certificates on smart cards not DER encoded. on the basis of that, I am assuming openvpn which uses pkcs11-helper library to read the certs, may be unable to read Der encoded certificate.
from opensc.
OpenVPN seems to accept certificates on cards in binary format, see http://acksyn.org/docs/smart-cards-openvpn.html The link also shows how to configure OpenVPN...
@sanaullah82 has your problem been solved?
from opensc.
please reopen if not
from opensc.
That issue was fixed.
On Fri, Dec 12, 2014 at 2:54 AM, Frank Morgner [email protected]
wrote:
please reopen if not
—
Reply to this email directly or view it on GitHub
#181 (comment).
from opensc.
Related Issues (20)
- asymmetric key encryption in pkcs11 module does not work
- Use ccache to speed up CI builds
- Windows certificate caching in GIDS HOT 2
- OpenSC + Smartcard-HSM + secp521r1 + OpenSSH = signing failed for ECDSA "secp521r1": error in libcrypto HOT 12
- Unable to generate RSA key using piv-tool HOT 6
- OpenSC Minidriver with PIVApplet + ECC keys on Win11: error on slot 9c - public key does not match private key HOT 28
- MacOS S/MIME Outlook or Mail.app no certificates on Yubikey smartcard detected HOT 17
- OpenSC build for macOS M1 Pro HOT 10
- OpenSC 0.25.1 + SmartCard-HSM 3.6 + brainpoolP256t1 = `point is not on curve` HOT 3
- RSA padding in release 0.25.1 HOT 3
- French eID - reading HOT 1
- OpenSC Minidriver Does Not Display the Second Key Container of JPKI Card When certutil -scinfo Is Executed HOT 30
- Closing orphaned open sessions HOT 2
- Extend the tests with PivApplet to use piv-tool instead of yubico-piv-tool
- Understanding/Documentation of why after ssh-ing to a system the card readers dissapear. HOT 4
- Current master fails to build (problem with man pages?) HOT 10
- make compilation error: unresolved external symbol _EAC_init, _EAC_CTX_new and many other referenced in function _sc_hsm_init HOT 4
- Cannot export EC public key using pkcs11-tool HOT 6
- Gemalto IDPrime 940 no longer lists private key after renewal HOT 15
- Update SmartCardHSM Wiki Page for Pubkey Auth HOT 4
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from opensc.