I'm trying to figure out how to use an Aladdin eToken Pro 72k to
authenticate an SSL session initated by a Python 2.4.3 client
application running on a CentOS 4 system.
the python software is a client making XMLRPC calls over https to a
tomcat webservice. We need to add token based authentication to this
mess.
I have no control over the OS, its got to be CentOS 4, so don't go there.
I have no control over the use of Python, this software is in production
and was developed by another group.
I -can- get the python people to adopt M2Crypto (they currently are
using the primitive socket.ssl native in 2.4.3), which I gather uses
OpenSSL, and I can get them to upgrade whatever bits of openssl I have
to as well as install opensc or whatever bits I need to in order to help
the python programmers authenticate their client with our tomcat servers
using a eToken.
I'm quite new to all this PKCS#11 stuff, and kinda lost here. CentOS
4 has openssl 0.9.7a (yes, I know, old), and if I have to build any
custom RPMs to customize stuff, I'm OK with that too, as long as I'm
convinced thats what I need to do...
We have the Linux PKI Client from Aladdin, which works with pcsc-lite,
and I thought OpenSSL was supposed to have some PKCS#11 hooks, but I'll
be darned if I can find any specifics on how to use this stuff
together. I see some contributed engine-xxxx patches for opoenssl, is
that where i need to go? or, do I need to use OpenSC instead?
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
