Hello,
I am getting "pkcs11_add_provider: PKCS #11 error." while using p11tool --provider=/usr/lib/softhsm/libsofthsm2.so --list-tokens command
Thanks
Thanks Yuri for replay. i solved that problem with sudo access.
I am trying to "Push certificate & key to HSM" using "p11tool --provider /usr/lib/softhsm/libsofthsm2.so --login --write " pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=1e28cce1f77ad0c7;token=CST-HSM-1234" --load-privkey keys/CSF1_1_sha256_2048_65537_v3_usr_key.pem --label CSF1_1_sha256_2048_65537_v3_usr --id 1000 " this command.
it ask for PIN : accepted pin which i have set.
it ask for Password : I have not set any password here,so i was not getting which password it need.i tried with my system password but it didn't work.
Log is as follows:
Token '' with URL 'key:' requires user PIN
Enter PIN:
Enter password:
importing --load-privkey: keys/CSF1_1_sha256_2048_65537_v3_usr_key.pem: Decryption has failed.
can you please help me with this.
For pushing certificate it didn't ask for password. it needed PIN only.
@pawar_123_y
Hello,
Have You followed all instructions, starting with "Installation" of Code-Signing
Tool – HSM User’s Guide (HSM-CST_UG.pdf) ?
Regards,
Yuri.
Hello Yuri,
I am following same document which you are referring i.e HSM-CST_UG.pdf and CST_UG.pdf from doc section of CST tool.
I have come to know, if i use add_key.sh to add keys to HSM it works fine and if i use command to push private key separately then i am facing error.
log as follows:
SoftHSM2
Private Key
$
p11tool --provider /usr/lib/softhsm/libsofthsm2.so --login --write "pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=700e507653035dfa;token=AHAB_Demo" --load-privkey ../keys/SRK1_sha384_secp384r1_v3_ca_key.pem --label SRK1_sha384_secp384r1_v3_ca_key --id 1000
Token '' with URL 'key:' requires user PIN
Enter PIN:
Enter password:
Correct me if i am wrong.
Thank you.