Quick Start Guide
- Download and install the bundle.
- Click on Start, Click on Run, enter "CMD" to run a command line terminal.
- change your directory to the install directory of the smart card bundle:
cd C:\Program Files\Smart card bundle
- initialize a (blank!) card:
pkcs15-init --create-pkcs15 --use-default-transport-keys --profile pkcs15+onepin
'Warning: 'it is strongly recommended to read the smartcard os specific pages in the OpenSC wiki before writing any data on the token as some cards might not be erasable once initialized. - generate a 2048 bit rsa key:
pkcs15-init --generate-key rsa/2048 --auth-id 01 --key-usage sign,decrypt
- open a shell for openssl commands:
openssl
- load the pkcs11 engine, so you can use smart cards with openssl:
engine -t dynamic -pre SO_PATH:engine_pkcs11 -pre ID:pkcs11 -pre LIST_ADD:1 -pre LOAD \ -pre MODULE_PATH:opensc-pkcs11.dll - generate a self signed certificate:
req -engine pkcs11 -new -key id_45 -keyform engine -x509 -out mycert.pem \ -config openssl.cnf -subj "/CN=Test User/emailAddress=test@example.org" - quit openssl command shell
quit
- Store your certificate on your token
pkcs15-init --store-certificate mycert.pem --id 45
- Test PKCS#11 functionality.
pkcs11-tool --login --test
- Erase your card, if something failed
pkcs15-init --erase --use-default-transport-key
Also see
- PuttySmartcard for using putty with smart cards.
