We have a couple of Nitrokey HSM 2 devices. When we attempt to use any
opensc tool, we receive the following error:
Pkcs15-tool -D returns:
Using reader with a card: Nitrokey Nitrokey HSM (DENK…
Failed to connect to card: Card is invalid or cannot be handled
dmesg tool identifies the device when we plug it in and provides the product string “Product: Nitrokey HSM.” Our user account has access to USB devices.
We are running Ubuntu 16.04 with the following tool versions (from apt):
opensc 0.15.0-1ubuntu1 amd64
opensc-pkcs11 0.15.0-1ubuntu1 amd64
pcsc-tools is 1.4.25-1 amd64
Are there any other tips, hints, or tricks to try?
I believe your OpenSC 0.15 is too old. We provide updated OpenSC packages for Ubuntu here.
You were correct. Thanks!
Hey jan, another quick question. I wrote to the support group about obtaining the SmartCard-HSM SDK. I read here that the SDK would be provided on request.
Is it true that the support team can provide me with a copy of the SDK?
Great! Thanks. I sent an email directly to firstname.lastname@example.org. I’ll await a response.
I wrote an email over one month ago already asking for the SDK but did not receive an answer by now. Are there any special pre-requisites I need to provide to obtain the SDK that I might not have considered before asking?
Please register to the CardContact Developer Network (CDN) and download the SDK from there. More information on the HSM vendor’s support page.
We do no longer provide a SDK, but make all the artifacts available in a GIT repository at the CDN. You need to register at the PKI-as-a-Service Portal to obtain a X.509 certificate, from which the key can be used to authenticate via ssh+git.
The following repos are available
- scsh-mods - the modules from the scsh directory of a Smart Card Shell installation
- sc-hsm-sdk-scripts - the example scripts and test suites from the scripting workspace
- pki-as-a-service - the PKI-as-a-Service portal
- ocf - the OpenCard Framework (a Java card middleware)
- scsh3 - the Smart Card Shell
- scriptingserver - the OpenSCDP scripting server
- sc-hsm-jceprovider - The Java JCE Provider for the SmartCard-HSM
- sc-hsm-pgp - A PGP implementation for the SmartCard-HSM
- sc-hsm-android-example - an Android example application to access a SmartCard-HSM via USB, NFC or as MicroSD card with embedded SE
- sc-hsm-android-library - A library with the requires low level common modules for Android
You can obtain a list of repositories when you connect via
The scripting workspace is available as part of the sc-hsm-starterkit.