pkcs11_add_provider: PKCS #11 error.

Thanks Yuri for replay. i solved that problem with sudo access.

I am trying to "Push certificate & key to HSM" using "p11tool --provider /usr/lib/softhsm/libsofthsm2.so --login --write " pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=1e28cce1f77ad0c7;token=CST-HSM-1234" --load-privkey keys/CSF1_1_sha256_2048_65537_v3_usr_key.pem --label CSF1_1_sha256_2048_65537_v3_usr --id 1000 "  this command.

it ask for PIN : accepted pin which i have set.

it ask for Password : I have not set any password here,so i was not getting which password it need.i tried with my system password but it didn't work.

Log is as follows:

Token '' with URL 'key:' requires user PIN
Enter PIN:
Enter password:
importing --load-privkey: keys/CSF1_1_sha256_2048_65537_v3_usr_key.pem: Decryption has failed.

can you please help me with this.

For pushing certificate it didn't ask for password. it needed PIN only.

@pawar_123_y 
Hello,

   Have You followed all instructions, starting with "Installation" of Code-Signing
Tool – HSM User’s Guide (HSM-CST_UG.pdf) ?

Regards,
Yuri.

Hello Yuri,

I am following same document which you are referring i.e HSM-CST_UG.pdf and CST_UG.pdf from doc section of CST tool.

I have come to know, if i use add_key.sh to add keys to HSM it works fine and if i use command to push private key separately then i am facing error.

log as follows:

SoftHSM2
Private Key
$

p11tool --provider /usr/lib/softhsm/libsofthsm2.so --login --write "pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=700e507653035dfa;token=AHAB_Demo" --load-privkey ../keys/SRK1_sha384_secp384r1_v3_ca_key.pem --label SRK1_sha384_secp384r1_v3_ca_key --id 1000
Token '' with URL 'key:' requires user PIN
Enter PIN:
Enter password:

Correct me if i am wrong.

Thank you.

@pawar_123_y 
Hello,

   Also :

https://community.nxp.com/t5/i-MX-Processors/what-password-i-need-while-pushing-private-key-to-hsm/m...

Regards,
Yuri.