[Pki-users] Utimaco HSM "Not Found" problem

Arshad Noor arshad.noor at strongauth.com
Thu Apr 22 19:27:43 UTC 2010


Can someone from the DogTag team explain the process by which
the installation servlet "finds" PKCS11 modules/HSMs and logs
into them?  Alternatively, if you can point me to the specific
source module that performs this, I'd be happy to look at it
myself.

I'm still baffled by our inability to have the installation
servlet find the Utimaco HSM module, despite the fact that
modutil sees it:

$ pet105:~> modutil -dbdir /var/lib/subca01/alias -nocertdb -list

Listing of PKCS #11 Modules
-----------------------------------------------------------
   1. NSS Internal PKCS #11 Module
          slots: 2 slots attached
         status: loaded

          slot: NSS Internal Cryptographic Services
         token: NSS Generic Crypto Services

          slot: NSS User Private Key and Certificate Services
         token: NSS Certificate DB

   2. CryptoServer
         library name: /usr/bin/libcs2_pkcs11.so
          slots: 1 slot attached
         status: loaded

          slot: CryptoServer Device '/dev/cs2' - Slot No: 0
         token: CBUAE TEST
-----------------------------------------------------------


There were some SELinux errors, but I fixed all of them; despite
all calls now being successful, the installation servlet will
still not see the HSM.

Thanks.

Arshad Noor
StrongAuth, Inc.




More information about the Pki-users mailing list