Using an Aladdin eToken with firefox Rumi, August 25, 2012 A very easy method for importing (or removing) keys in your eToken is to add the eToken as a Security Device in Firefox. The procedure for Thunderbird and Mozilla/Seamonkey is nearly identical. To add your eToken as a security device , follow these steps Start Firefox (Linux) Go to Edit->Preferences->Advanced->Tab "Encryption" (Windows) Go to Tools->Options->Advanced->Tab "Encryption" Click on 'Security Devices' You should see a screen similar to . Click on 'Load' In the next screen, enter a (possibly useful) name for this module and Click on 'Browse' to select the appropriate PKCS11 module (Linux) choose /usr/local/lib/libetpkcs11.so (Windows) choose $WINDIR\system32\etpkcs11.dll where $WINDIR is the location where Windows is installed. For most Windows XP systems, this will be c:\windows, for Windows 2000 this usually is c:\winnt. Click 'OK' The eToken PKCS11 module is now ready for use. If your eToken is inserted in the computer then it will appear in the list of Note that the name (label) of your eToken is the name that you gave it when your eToken was initialized. Note that you are not logged into your eToken at this time. You can do so by clicking on the 'Login' button, after which you'll be prompted for your eToken password: The next step is to store your existing grid certificate on your eToken. First, convert your grid certificate to PKCS12 format: # openssl pkcs12 -export -in ~/.globus/usercert.pem -inkey ~/.globus/userkey.pem -out globus.p12 Enter pass phrase for userkey.pem: Enter Export Password: Verifying - Enter Export Password: You will be asked for your grid certificate passphrase first and then for the (new) Export Password and then once more to verify your newly chosen export password. NOTE This Export Password is as important as your grid certificate passphrase, as both can be used to decrypt your private key. Guard them both safely! Go back to the "Encryption" preferences screen (Linux) Go to Edit->Preferences->Advanced->Tab "Encryption" (Windows) Go to Tools->Options->Advanced->Tab "Encryption" and click on 'View Certificates'. You will see a screen similar to Click on 'Import' and browse to the location of your globus.p12 file: (Linux users: remember to select the 'Show hidden files and directories' checkbox) Select your eToken as the device on which to store the certificate: Enter the password (User PIN) for your eToken: Enter the 'Export password' that you choose to export the PKCS12 file with: If all went well, Firefox will report success: after which your grid certificate should be stored on your eToken: Src: http://wiki.nikhef.nl/grid/Using_an_Aladdin_eToken_with_firefox Related DSC Tools PKI eToken
The SSL/TLS Handshake: an Overview March 6, 2018 Obligatory SSL/TLS Handshake Graphic All SSL/TLS-related sites have their own version of a handshake diagram – here’s ours! (Click to enbiggen.) Let’s Clear Up Some Confusion, If We Can Some confusion about how SSL/TLS handshakes work is due to the handshake being only the prelude to the actual, secured session itself. Let’s try to… Read More
Stunnel on Debian/Ubuntu with Squid October 27, 2015 What’s Stunnel The Stunnel program is designed to work as an SSL encryption wrapper between remote client and local (inetd-startable) or remote server. It can be used to add SSL functionality to commonly used inetd daemons like POP2, POP3, and IMAP servers without any changes in the program’s code. What… Read More
Zimbra Letsencrypt SSL Renew – Zimbra 8.6 September 1, 2018 Let’s Begin: This works if you already have an expired letsencrypt ssl certificate and assuming you have already deployed SSL in you zimbra system. However, if you come up here already, and would like to know how to setup letsencrypt on your system you may read my other article here:… Read More