|
Problem(Abstract) |
Client is trying to setup the cryptographic and getting a
following error on SystemOut.log.
[5/25/05 11:12:37:674 MEST] a14fed ConnectToRunt E
security.ctr.checkTokenLibFile.exception
I have no certificates on the card. We do not want to use the card as a
keystore. We just want the card to do the computational work. Our goal is
to reduce the CPU consumption by using this card. I used for the tests the
IBM® WebSphere® Application Server dummykeyfiles with the dummy
certificates. The normal (without the card) SSL-encryptions works
fine. |
|
|
|
Resolving the
problem |
It clearly states how to do setup PKCS#11 Token Support:
INSTALLATION
Java Secure Socket Extension (JSSE) will try to load the DLL "jpkcs11".
This name is mangled into a platform dependent library name (jpkcs11.dll
on Windows and libjpkcs11.so on most other UNIX platforms). This mangled
filename is searched in an OS dependent way. Either you put the DLLs into
a standard directory or you customize the lookup of DLLs. Details depend
on your operating system and your Java™ virtual machine (JVM). On Windows,
put the DLLs (jpkcs11.dll, pkcslog.dll, and pseudotoken.dll) into the
Windows system directory which is on the path (c:/windows, c:/winnt).
On most of the other platforms, you have to setup the environment variable
LD_LIBRARY_PATH to include the directory where you installed the shared
libraries.
The installation files can be found within docs\jsse\native-support.zip.
On a UNIX system the files can be found within
docs/jsse/native-support.zip.
http://publib.boulder.ibm.com/infocenter/wasinfo/v5r1/index.jsp?topic=/com.ibm.websphere.base.doc/info/aes/ae/tsec_ikeycrypto.html
http://publib.boulder.ibm.com/infocenter/wasinfo/v5r1//index.jsp?topic=/com.ibm.websphere.base.doc/info/aes/ae/tsec_crypto.html
and also from
AppServer\web\docs\jsse\readme.jsse.ibm.html
We do not think that is possible. This was never tested as to use the
cards to just enhance the performance but not storing the keys on the
card. So it is not supported. Not in 5.0 release.
Also we feel that by storing the key in the card the performance might be
enhanced. |
|
|
|
|
Cross Reference information |
Segment |
Product |
Component |
Platform |
Version |
Edition |
Application Servers |
Runtimes for Java Technology |
Java SDK |
|
|
|
|
|
|