Search

Chapter 4. Using Smart Cards for Web and Mail Clients

download PDF
After a smart card is enrolled, the smart card can be used for SSL client authentication and S/MIME email applications. The PKCS #11 module has different names and is located in different directories depending on the operating system.
Table 4.1. PKCS #11 Module Locations
Platform Module Name Location
Red Hat Enterprise Linux onepin-opensc-pkcs11.so /usr/lib64/

4.1. Setting up Browsers to Support SSL for Tokens

To set up the Firefox browser to support SSL for tokens:
  1. Open the Edit menu and select Preferences.
    If the menu bar is not visible in Firefox, press the Alt key to temporarily display it.
  2. In the Advanced entry, select the Certificates tab, and click the Security Devices button.
  3. Add the PKCS #11 driver:
    1. Click the Load button.
    2. Enter a module name.
    3. Click Browse, select the Enterprise Security Client PKCS #11 driver library, and click OK.
  4. If the CA is not yet trusted, download and import the CA certificate.
    1. Open the SSL End Entity page on the CA. For example:
      https://server.example.com:9444/ca/ee/ca/
    2. Click the Retrieval tab, and then click Import CA Certificate Chain.
    3. Click Download the CA certificate chain in binary form and then click Submit.
    4. Choose a suitable directory to save the certificate chain, and then click OK.
    5. Click Edit > Preferences, and select the Advanced tab.
    6. Click the View Certificates button.
    7. Click Authorities, and import the CA certificate.
  5. Set the certificate trust relationships.
    1. Click Edit > Preferences, and select the Advanced tab.
    2. Click the View Certificates button.
    3. Click Edit, and set the trust for websites.
The certificates can be used for SSL.
Red Hat logoGithubRedditYoutubeTwitter

Learn

Try, buy, & sell

Communities

About Red Hat Documentation

We help Red Hat users innovate and achieve their goals with our products and services with content they can trust.

Making open source more inclusive

Red Hat is committed to replacing problematic language in our code, documentation, and web properties. For more details, see the Red Hat Blog.

About Red Hat

We deliver hardened solutions that make it easier for enterprises to work across platforms and environments, from the core datacenter to the network edge.

© 2024 Red Hat, Inc.