Chapter 23. Smart-card Authentication in Identity Management

download PDF
Authentication based on smart cards is an alternative to passwords. User credentials are stored on the smart card, and special software and hardware is used to access them. The user places the smart card into a reader and supplies the PIN code for the smart card.
This chapter describes how an administrator can configure smart card-based authentication in Identity Management and how users can use smart cards to authenticate to Identity Management.

23.1. Exporting a Certificate From a Smart Card

To export the certificate:
  1. Place the smart card into the reader.
  2. Use the following command to list the certificates on the smart card. In the output, locate the certificate to use for authentication, and note its nickname:
    $ certutil -L -d /etc/pki/nssdb/ -h all
    Certificate Nickname         Trust Attributes
    my_certificate               CT,C,C
  3. Extract the certificate to a file using the certificate nickname. For example, to extract the certificate in the Base64 format to a file named user.crt:
    $ certutil -L -d /etc/pki/nssdb/ -n 'my_certificate' -r | base64 -w 0 > user.crt
    The base64 utility is part of the coreutils package.
Red Hat logoGithubRedditYoutubeTwitter


Try, buy, & sell


About Red Hat Documentation

We help Red Hat users innovate and achieve their goals with our products and services with content they can trust.

Making open source more inclusive

Red Hat is committed to replacing problematic language in our code, documentation, and web properties. For more details, see the Red Hat Blog.

About Red Hat

We deliver hardened solutions that make it easier for enterprises to work across platforms and environments, from the core datacenter to the network edge.

© 2024 Red Hat, Inc.