Cryptographic card error in SystemOut.log
 Technote (troubleshooting)
 
Problem(Abstract)
Client is trying to setup the cryptographic and getting a following error on SystemOut.log.

[5/25/05 11:12:37:674 MEST] a14fed ConnectToRunt E
security.ctr.checkTokenLibFile.exception

I have no certificates on the card. We do not want to use the card as a keystore. We just want the card to do the computational work. Our goal is to reduce the CPU consumption by using this card. I used for the tests the IBM® WebSphere® Application Server dummykeyfiles with the dummy certificates. The normal (without the card) SSL-encryptions works fine.
 
Resolving the problem
It clearly states how to do setup PKCS#11 Token Support: INSTALLATION
Java Secure Socket Extension (JSSE) will try to load the DLL "jpkcs11". This name is mangled into a platform dependent library name (jpkcs11.dll on Windows and libjpkcs11.so on most other UNIX platforms). This mangled filename is searched in an OS dependent way. Either you put the DLLs into a standard directory or you customize the lookup of DLLs. Details depend on your operating system and your Java™ virtual machine (JVM). On Windows, put the DLLs (jpkcs11.dll, pkcslog.dll, and pseudotoken.dll) into the Windows system directory which is on the path (c:/windows, c:/winnt).

On most of the other platforms, you have to setup the environment variable LD_LIBRARY_PATH to include the directory where you installed the shared libraries.

The installation files can be found within docs\jsse\native-support.zip. On a UNIX system the files can be found within docs/jsse/native-support.zip.

http://publib.boulder.ibm.com/infocenter/wasinfo/v5r1/index.jsp?topic=/com.ibm.websphere.base.doc/info/aes/ae/tsec_ikeycrypto.html

http://publib.boulder.ibm.com/infocenter/wasinfo/v5r1//index.jsp?topic=/com.ibm.websphere.base.doc/info/aes/ae/tsec_crypto.html

and also from

AppServer\web\docs\jsse\readme.jsse.ibm.html

We do not think that is possible. This was never tested as to use the cards to just enhance the performance but not storing the keys on the card. So it is not supported. Not in 5.0 release.

Also we feel that by storing the key in the card the performance might be enhanced.
 
 
Cross Reference information
Segment Product Component Platform Version Edition
Application Servers Runtimes for Java Technology Java SDK
 
 


Document Information


Product categories: Software > Application Servers > Distributed Application & Web Servers > WebSphere Application Server > Security
Operating system(s): Windows
Software version: 5.1.1
Software edition:
Reference #: 1215714
IBM Group: Software Group
Modified date: Feb 25, 2007