Hi,
I would need to access the NitrokeyHSM via a JAVA provider (eg. keytool or apache-tomcat).
In an older post, I found the following qoute by Jan
In general yes, you can use Nitrokey from Java. For Nitrokey Pro: Either execute GnuPG or use our PKCS#11 driver. For Nitrokey HSM: Either execute gpg-sm, use our PKCS#11 driver, or use our JCE Provider (most easy).
I tried to connect with configuring a new provider to jre/lib/security/java.security
security.provider.10=sun.security.pkcs11.SunPKCS11 /root/nitrokey.cfg
where nitrokey.cfg contains
name = nitrokey
library = /usr/lib64/opensc-pkcs11.so
slot=0
This results in a keytool error PKCS11 not found
[root@server ~] keytool -list -keystore NONE -storetype PKCS11 -providerName SunPKCS11-nitrokey
keytool error: java.security.KeyStoreException: PKCS11 not found
This method in general works with other HSM vendors
Could you give me hint where to find the mentioned PKCS11-Driver and/or JCE Provider and how to configure it?
Thanks in advance!