Using Hardware Crypto Accelerator With Enterprise Server

Using database directory /var/opt/SUNWappserver/domains/domain1/config ...

Listing of PKCS#11 Modules

-----------------------------------------------------------

1. NSS Internal PKCS#11 Module slots: 2 slots attached

status: loaded

slot: NSS Internal Cryptographic Services token: NSS Generic Crypto Services

slot: NSS User Private Key and Certificate Services token: NSS Certificate DB

2. Sun Crypto Accelerator

library name: /opt/SUNWconn/crypto/lib/libpkcs11.so slots: 1 slot attached

status: loaded

slot: Sun Crypto Accelerator:mytoken token: mytoken

-----------------------------------------------------------

Managing Keys And Certificates

This section describes a few common procedures for creating and managing keys and certificates using certutil and pk12util. For details on certutil and pk12util, see “Using Network Security Services (NSS) Tools” on page 116 and documentation on the NSS Security Tools site at http://www.mozilla.org/projects/security/pki/nss/tools.

Note – By configuring a PKCS#11 provider in the java.security properties file (located in the JAVA_HOME/jre/lib/security directory of the Java runtime), you can also use the J2SE keytool utility to manage keys and certificates. For details on using keytool, and Java PKCS#11 Reference Guide at http://java.sun.com/j2se/1.5.0/docs/guide/security/p11guide.html.

This section describes the following topics:

“Listing Keys and Certificates ” on page 123

“Working With Private Keys and Certificates” on page 124

122

Sun GlassFish Enterprise Server 2.1 Administration Guide • December 2008

Page 122
Image 122
Sun Microsystems 820433510 manual Managing Keys And Certificates, This section describes the following topics