Token.xml
Aus HC Services
<openca> <token_config> <default_token>OpenSSL</default_token> <token> <name>OpenSSL</name> <type>OpenSSL</type> <mode>standby</mode> <option> <name>SHELL</name> <value>/usr/bin/openssl</value> </option> <option> <name>WRAPPER</name> <value></value> </option> <option> <name>KEY</name> <value></value> </option> <option> <name>PASSWD_PARTS</name> <value>1</value> </option> <option> <name>PEM_CERT</name> <value>/opt/openca/openca/var/crypto/cacerts/cacert.pem</value> </option> <option> <name>DER_CERT</name> <value>/opt/openca/openca/var/crypto/cacerts/cacert.der</value> </option> <option> <name>TXT_CERT</name> <value>/opt/openca/openca/var/crypto/cacerts/cacert.txt</value> </option> <option> <name>CHAIN</name> <value>/opt/openca/openca/var/crypto/chain</value> </option> <option> <name>OPENCA_SV</name> <value>/opt/openca/bin/openca-sv</value> </option> <option> <name>TMPDIR</name> <value>/opt/openca/openca/var/tmp</value> </option> <option> <name>CONFIG</name> <value>/opt/openca/openca/etc/openssl/openssl.cnf</value> </option> <option> <name>RANDFILE</name> <value>/opt/openca/openca/var/crypto/.rand</value> </option> <option> <name>DEBUG</name> <value>0</value> </option> </token> <!-- ab hier auskommentieren bis --> <!-- This is an example for Chrysalis-ITS Luna CA3. ... --> ... <!-- This is an example for a dynamic engine like OpenSC. Please notice that pre and post are used with the engine arguments of OpenSSL's engine command. --> <token> <name>CA</name> <type>OpenSC</type> <mode>standby</mode> <option> <name>SHELL</name> <value>/usr/bin/openssl</value> </option> <option> <name>WRAPPER</name> <value></value> </option> <option> <name>KEY</name> <value>id_01</value> </option> <option> <name>PASSWD_PARTS</name> <value>1</value> </option> <option> <name>PEM_CERT</name> <value>/opt/openca/openca/var/crypto/cacerts/cacert.pem</value> </option> <option> <name>DER_CERT</name> <value>/optl/openca/openca/var/crypto/cacerts/cacert.der</value> </option> <option> <name>TXT_CERT</name> <value>/opt/openca/openca/var/crypto/cacerts/cacert.txt</value> </option> <option> <name>CHAIN</name> <value>/opt/openca/openca/var/crypto/chain</value> </option> <option> <name>OPENCA_SV</name> <value>/opt/openca/bin/openca-sv</value> </option> <option> <name>TMPDIR</name> <value>opt/openca/openca/var/tmp</value> </option> <option> <name>CONFIG</name> <value>/opt/openca/openca/etc/openssl/openssl.cnf</value> </option> <option> <name>RANDFILE</name> <value>/opt/openca/openca/var/crypto/.rand</value> </option> <option> <name>ENGINE</name> <value>pkcs11</value> </option> <option> <name>PRE_ENGINE</name> <value>SO_PATH:/opt/libpkcs11/lib/engines/engine_pkcs11.so</value> </option> <option> <name>PRE_ENGINE</name> <value>ID:pkcs11</value> </option> <option> <name>PRE_ENGINE</name> <value>LIST_ADD:1</value> </option> <option> <name>PRE_ENGINE</name> <value>LOAD</value> </option> <option> <name>PRE_ENGINE</name> <value>MODULE_PATH:/usr/lib/libeTPkcs11.so</value> </option> <option> <name>CARDDRIVER</name> <value>etoken</value> </option> <option> <name>CARDREADER</name> <value>0</value> </option> <option> <name>PKCS15_INIT</name> <value>/opt/opensc/bin/pkcs15-init</value> </option> <option> <name>PKCS15_TOOL</name> <value>/opt/opensc/bin/pkcs15-tool</value> </option> <option> <name>OPENSC_TOOL</name> <value>/opt/opensc/bin/opensc-tool</value> </option> <option> <name>DEBUG</name> <value>1</value> </option> </token> </token_config> </openca>
Zurück zu OpenCA