[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

"Home-made" PKCS certificates, soft-pkcs and PKINIT

Dear Heimdal developers and users!

How should I make certtificates to be usable with pkinit and soft-pkcs 
I have made self-signed certificates with hxtool. I have installed 
soft-pkcs11 module too. I have placed tab-separated .soft-token.rc file 
in my home directory:

mike     "Certificate for user mike"      /home/mike/secure/mike.pem
anchor   CA cert           /etc/ssl/ca.crt

But when I call

kinit -C PKCS11:/usr/local/lib/soft-pkcs11.so mike

it asks me about PIN code for certificate and after I simply hit Enter 

I think that PIN-code for "home-made" certificates is a passphrase for 
encrypted certificates but is it possible with hxtool to make encrypted 
certificates ?

Thank you in advance!