Token.xml
Aus HC Services
<openca>
<token_config>
<default_token>OpenSSL</default_token>
<token>
<name>OpenSSL</name>
<type>OpenSSL</type>
<mode>standby</mode>
<option>
<name>SHELL</name>
<value>/usr/bin/openssl</value>
</option>
<option>
<name>WRAPPER</name>
<value></value>
</option>
<option>
<name>KEY</name>
<value></value>
</option>
<option>
<name>PASSWD_PARTS</name>
<value>1</value>
</option>
<option>
<name>PEM_CERT</name>
<value>/opt/openca/openca/var/crypto/cacerts/cacert.pem</value>
</option>
<option>
<name>DER_CERT</name>
<value>/opt/openca/openca/var/crypto/cacerts/cacert.der</value>
</option>
<option>
<name>TXT_CERT</name>
<value>/opt/openca/openca/var/crypto/cacerts/cacert.txt</value>
</option>
<option>
<name>CHAIN</name>
<value>/opt/openca/openca/var/crypto/chain</value>
</option>
<option>
<name>OPENCA_SV</name>
<value>/opt/openca/bin/openca-sv</value>
</option>
<option>
<name>TMPDIR</name>
<value>/opt/openca/openca/var/tmp</value>
</option>
<option>
<name>CONFIG</name>
<value>/opt/openca/openca/etc/openssl/openssl.cnf</value>
</option>
<option>
<name>RANDFILE</name>
<value>/opt/openca/openca/var/crypto/.rand</value>
</option>
<option>
<name>DEBUG</name>
<value>0</value>
</option>
</token>
<!--
ab hier auskommentieren bis
-->
<!--
This is an example for Chrysalis-ITS Luna CA3.
...
-->
...
<!--
This is an example for a dynamic engine like OpenSC.
Please notice that pre and post are used with the engine
arguments of OpenSSL's engine command.
-->
<token>
<name>CA</name>
<type>OpenSC</type>
<mode>standby</mode>
<option>
<name>SHELL</name>
<value>/usr/bin/openssl</value>
</option>
<option>
<name>WRAPPER</name>
<value></value>
</option>
<option>
<name>KEY</name>
<value>id_01</value>
</option>
<option>
<name>PASSWD_PARTS</name>
<value>1</value>
</option>
<option>
<name>PEM_CERT</name>
<value>/opt/openca/openca/var/crypto/cacerts/cacert.pem</value>
</option>
<option>
<name>DER_CERT</name>
<value>/optl/openca/openca/var/crypto/cacerts/cacert.der</value>
</option>
<option>
<name>TXT_CERT</name>
<value>/opt/openca/openca/var/crypto/cacerts/cacert.txt</value>
</option>
<option>
<name>CHAIN</name>
<value>/opt/openca/openca/var/crypto/chain</value>
</option>
<option>
<name>OPENCA_SV</name>
<value>/opt/openca/bin/openca-sv</value>
</option>
<option>
<name>TMPDIR</name>
<value>opt/openca/openca/var/tmp</value>
</option>
<option>
<name>CONFIG</name>
<value>/opt/openca/openca/etc/openssl/openssl.cnf</value>
</option>
<option>
<name>RANDFILE</name>
<value>/opt/openca/openca/var/crypto/.rand</value>
</option>
<option>
<name>ENGINE</name>
<value>pkcs11</value>
</option>
<option>
<name>PRE_ENGINE</name>
<value>SO_PATH:/opt/libpkcs11/lib/engines/engine_pkcs11.so</value>
</option>
<option>
<name>PRE_ENGINE</name>
<value>ID:pkcs11</value>
</option>
<option>
<name>PRE_ENGINE</name>
<value>LIST_ADD:1</value>
</option>
<option>
<name>PRE_ENGINE</name>
<value>LOAD</value>
</option>
<option>
<name>PRE_ENGINE</name>
<value>MODULE_PATH:/usr/lib/libeTPkcs11.so</value>
</option>
<option>
<name>CARDDRIVER</name>
<value>etoken</value>
</option>
<option>
<name>CARDREADER</name>
<value>0</value>
</option>
<option>
<name>PKCS15_INIT</name>
<value>/opt/opensc/bin/pkcs15-init</value>
</option>
<option>
<name>PKCS15_TOOL</name>
<value>/opt/opensc/bin/pkcs15-tool</value>
</option>
<option>
<name>OPENSC_TOOL</name>
<value>/opt/opensc/bin/opensc-tool</value>
</option>
<option>
<name>DEBUG</name>
<value>1</value>
</option>
</token>
</token_config>
</openca>
Zurück zu OpenCA
