Win a copy of Re-engineering Legacy Software this week in the Refactoring forum
or Docker in Action in the Agile forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

reading certificate from smart card

 
anuja Kar
Greenhorn
Posts: 9
  • Likes 1
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
hello all,

im trying to add smart card/etoken login from my web application . I am able to do login when only one certificate is present in my smart card or etoken.
my problem is :
When it contains more than one certificate i need to list it to the user , and login using the certificate he opts and only at that time the pin of the device should be taken.
As of now i am loading the keystore with pin and reading the alias.
Can any one tell me is there any way to access public certificate from the token without making the user to enter pin.
this is the code i am using ..





Thanks
Anu
 
S.Vijay Krishnan
Greenhorn
Posts: 1
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,

We are in the intial stages of implementing smart card logins to our web application. Could you please provide me some high level information on how you designed it in your system.

Thanks.
 
Marta Czerniewicz
Greenhorn
Posts: 2
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I spent some time on this issue and I suppose I found a solution.
Here is user guide for PKCS#11: Java PKCS#11 Reference Guide
I added this line to SunPKCS11 config:

attributes(*,CKO_PUBLIC_KEY,*)={ CKA_TOKEN=true }

and it seems to retrieve public certificates without entering pin.
 
Dave Soldo
Greenhorn
Posts: 1
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi to all,
I tried to add the line mentioned by Marta to SunPKCS11 config file...but I can't understand how I can load the keystore without passing a pin code. Even trying to load the keystore with

load(LoadStoreParameter param) with param = null I can't access to the smartcard without pin.

Someone maybe solved this problem?
Thanks in advance
 
Marta Czerniewicz
Greenhorn
Posts: 2
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
This is how I'm retrieving certificates.
I hope this help.

 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic