|
|
Hi, Tony recently posted that he's using cryptoapicert in order to use two-factor authentication. At the moment i'm using Aladdin eTokens together with the pkcs11.dll provided by the Aladdin RTE. In order to get the PIN prompted i've hacked a little Win32 Delphi program which requests the pin and feeds it to the OpenVPN management interface. It works so far. However, i would like to avoid this "hack" in order to use the cryptoapicert-option, and the Windows certificate store. Unfortunately i'm not able to configure the eToken RTE, respectively Windows to display a PIN-popup and to look on the Token in order to access the certificate/key. So, my questions are: - How can i create a private key and certificate on the eToken, in a way Windows is able to find it? (i suppose using openssl with the pkcs11-engine and the eToken pkcs11.dll is the wrong way, since the Aladdin RTE expects a specific data-"layout" on the token) - is it still possible to use easy-rsa for generating certificates compatible with cryptoapicert? Thanks and regards, Robert ______________________ OpenVPN mailing lists https://lists.sourceforge.net/lists/listinfo/openvpn-users |