[Pki-users] "Format" button never enabled in Enterprise Security Client

John Magne jmagne at redhat.com
Fri Sep 20 23:39:20 UTC 2013 

Steve:

Thanks for the query.


When you put in a blank token such as you have probably described, the ESC should pop up
a "Phone Home" Dialog that asks you to type in a URL pointing to the TPS Server that is part
of Dogtag Certificate System.

If you do not get this Phone Home dialog there is possibly something wrong there.

As for smart card support we only have tested the main cards supported. If there is some alternate
card being attempted, it MAY work but we can make no assurances there.

thanks,
jack



----- Original Message -----
> From: "Steve Ross" <sross at trustedcs.com>
> To: pki-users at redhat.com
> Sent: Friday, September 20, 2013 3:20:22 PM
> Subject: [Pki-users] "Format" button never enabled in Enterprise Security	Client
> 
> I'm a new user of the Dogtag Certificate System...
> 
> I am trying to create a certificate and write it to a smart card.
> 
> My problem is that my Enterprise Security Client (ESC) does not allow me
> to format the smart card. When I insert the blank smart card, the ESC
> GUI shows
>      Issuer = Unknown
>      Issued To = Unknown
>      Status = Unformatted
> 
> However, the "Format" button is disabled and remains so.  Why?  Is there
> any configuration that I need to do in one of the PKI subsystems or ESC
> itself?
> 
> When I instead insert a Common Access Card (CAC), the ESC GUI shows
>      Issuer = U.S Government
>      Issued To = <name>
>      Status = Enrolled
> 
> and ESC is able to display thethree certificates of the CAC.  So, my
> hardware/software is working to the extent that it can read another card.
> 
> I see the section in the Red Hat Certificate System (RHCS) 8.1
> "Deployment, Planning, and Installation" guide that says:
> 
>      The Certificate System subsystems have been tested using the
> following tokens:
>          Gemalto TOP IM FIPS CY2 64K token, both as a smart card and
> GemPCKey USB form factor key
>          Gemalto Cyberflex e-gate 32K token
>          Safenet 330J Java smart card
> 
> I also see the section of the RHCS "Managing Smart Cards with the
> Enterprise Security Client" that says:
> 
>      The Enterprise Security Client supports smart cards which are
> JavaCard 2.1 or higher and Global
>      Platform 2.01-compliant and was tested using the following cards:
>          Safenet 330J Java smart cards
>          Gemalto 64K V2 tokens, both as a smart card and GemPCKey USB
> form factor key
>          Gemalto GCx4 72K and TOPDLGX4 144K common access cards (CAC)
>          Oberthur ID One V5.2 common access cards (CAC)
>          Personal identity verification (PIV) cards, compliant with FIPS 201
> 
> The smart card that I'm using is none of the above, though it exceeds
> the standards that the ESC manual describes.
> 
> 
> Following are the details of my smart card, reader, and installed software:
> 
> Smart card:
>    J2A080 - NXP JAVA based smart card, 80k EEPROM
>    This is supposed to meet the standards JCOP 2.4.1, JC 2.2.2, and GP
> 2.1.1.
>    It is a new card and is not supposed to have any applets on it.
> 
> 
> Smart card reader:
>    OmniKey 3121
> 
> 
> Operating system:
>    CentOS 5.9
> 
> 
> Software packages installed:
>    esc-1.1.0-14.el5.centos.1
>    pki-ca-1.3.6-1.el5
>    pki-tks-1.3.3-1.el5
>    pki-tps-1.3.1-1.el5
>    coolkey-1.1.0-15.el5
>    tomcat5-5.5.23-0jpp.40.el5_9
>    httpd-2.2.3-82.el5.centos
> 
> 
> Thanks in advance for any help,
> -- Steve Ross
> 
> 
> 
> 
> 
> _______________________________________________
> Pki-users mailing list
> Pki-users at redhat.com
> https://www.redhat.com/mailman/listinfo/pki-users
>

More information about the Pki-users mailing list