Download certificate on the token

Question

Download certificate on the token

MhmodTayel opened this issue 2 years ago · 5 comments

Hello,
I can generate a CSR using fortify but i want to download a certificate on the ePass2003 token.
I can do it using openssl but i want to do it using fortify
also is there any way to initialize and change so pin and user pin using fortify ?
Thanks in advance

Answer 1 · 2022-08-25T08:06:04.000Z

You can install the certificate on the token, there is a sample for that.

Initialization is token specific, as are unblocks. We have not added support for this as a result. It’s technically possible and would consider doing it under contract.

Answer 2 · 2022-08-25T08:11:10.000Z

Could you please provide me with this sample ?
also a last question. Is there a way to use certificate to authenticate users using IAM. I tried keycloak and wso2 but both of them require the certificate to be in pfx format which includes private key in it so it doesn't work for hsm tokens

Answer 3 · 2022-08-25T08:13:25.000Z

https://github.com/PeculiarVentures/fortify-examples/blob/gh-pages/example2.html#L110-L120

If you know the algorithm (WebCrypto Algorithm) of the certificate, you can import it without certificate parsing

Answer 4 · 2022-08-26T07:29:31.000Z

One can use mutual TLS in browsers or use Fortify to implement a challenge and response authentication scheme in browser. We do not have an example for this.

Answer 5 · 2022-08-26T07:34:29.000Z

But mutual TLS requires to send private key along with the certificate to server in pfx format and i can't get this from ePass2003 token