APPENDIX B

Installing and Configuring openCryptoki Software for Linux

This appendix describes how to install and configure openCryptoki software for Linux environments. Sections include:



Note - openCryptoki software is for Linux platforms only.


automake and autoconf utilities are required for configuring openCryptoki software. If these utilities are not installed by default, install them with the following packages.

For RHEL4 U2:

For SuSE9 SP3:

The Sun Crypto Accelerator 6000 board uses openCryptoki as the interface for PKCS#11 applications. The board is certified with openCryptoki 2.2.2-rc6, released on Feb. 13, 2006. The original package and a patch from Sun are downloadable only from the Sun Crypto Accelerator 6000 product web site, http://www.sun.com/products/networking/sslaccel/suncryptoaccel6000/index.xml. Additional information on openCryptoki is available at http://sourceforge.net/projects/opencryptoki.

Later releases of openCryptoki might not be supported. Refer to the Sun Crypto Accelerator 6000 Board Product Notes for Version 1.0 before using any other releases.


Installing openCryptoki Software

Use the following procedure to install the openCryptoki 2.2.2 software.

Download the openCryptoki 2.2.2 archive, openCryptoki-2.2.2-rc6.tar.bz2, from http://sourceforge.net/projects/opencryptoki. Choose a directory in which to unpack the archive. The /var/tmp directory is used in this example. Use the following command to uncompress the file:


% bzip2 -d openCryptoki-2.2.2-rc6.tar.bz2

Use the following command to unpack the file:


% tar xvf openCryptoki-2.2.2-rc6.tar

The files should be in the /var/tmp/openCryptoki-2.2.2-rc6/ directory. The documentation is in the /var/tmp/openCryptoki-2.2.2-rc6/doc/ directory. Refer to the openCryptoki-HOWTO.pdf file for architectural and design information.



Note - Check the Sun Crypto Accelerator 6000 Board Product Notes for Version 1.0 to verify you have all of the required patches installed before configuring and compiling openCryptoki.


The configuration and installation are described in the /var/tmp/openCryptoki-2.2.2-rc6/README file. Use the following commands to configure, compile, and install the openCryptoki software or consult the README file:


% sh bootstrap.sh
% sh ./configure
% make
% make install

These commands install the openCryptoki software in the default locations, which are as follows:


/usr/local/lib
/usr/local/sbin
/usr/local/include

The Sun Crypto Accelerator 6000 board requires openCryptoki to be installed in its default location. Refer to the README file for the installed files.


Preparing openCryptoki for 64 bit Applications

In addition to the above base installation for 32-bit applications, you must install a 64-bit openCryptoki library for 64-bit applications.

Change to the /var/tmp/openCryptoki-2.2.2-rc6/usr/lib/pkcs11/api directory.

Edit the makefile and change the -m32 option to -m64, then use the following commands to compile the 64-bit openCryptoki library:


% make clean
% make

Use the following command to put the 64-bit openCryptoki library in its default location:


% cp opencryptoki/.libs/libopencryptoki.so.0.0.0 /usr/local/lib/pkcs11/PKCS11_API.so64

Installing the Libraries in the Standard Location

Create the following directories if they do not exist:


% mkdir /usr/lib/pkcs11
% mkdir /usr/lib64/pkcs11

Link the 32-bit openCryptoki library to the /usr/lib/ directory with the following command:


% ln -s /usr/local/lib/pkcs11/PKCS11_API.so /usr/lib/pkcs11/PKCS11_API.so

On 64-bit platforms, link the 64-bit openCryptoki library to the /usr/lib64 directory with the following command:


% ln -s /usr/local/lib/pkcs11/PKCS11_API.so64 /usr/lib64/pkcs11/PKCS11_API.so

Creating openCryptoki Users and Groups

Before starting openCryptoki, add the pkcs11 group to the system using the following command:


% groupadd pkcs11

Edit the /etc/group file and add root, daemon, and other users that might want to use openCryptoki to the pkcs11 group. The following is an example:


pkcs11:x:56401:daemon,root,nobody



Note - Only local users (not network users) may run openCryptoki applications. The users must be in the /etc/passwd file.
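The following script is an added example, not part of the original appendix or of openCryptoki. It checks the two results of the steps above that are easiest to get wrong: that the library linked under /usr/lib64 really is a 64-bit ELF object (and the one under /usr/lib a 32-bit one), and that every member of the pkcs11 group has an entry in /etc/passwd. The function names, the root-prefix argument, and the --check switch are hypothetical names chosen for this example, and a 64-bit host with both libraries installed is assumed.

```sh
#!/bin/sh
# Added example: post-install checks for the layout described in this appendix.
# All function names and the --check switch are hypothetical (not openCryptoki's).

# Print 32 or 64 for an ELF file (EI_CLASS, byte 4 of the header); fail otherwise.
elf_class() {
    [ "$(od -An -tx1 -N4 "$1" 2>/dev/null | tr -d ' \n')" = "7f454c46" ] || return 1
    case "$(od -An -tu1 -j4 -N1 "$1" 2>/dev/null | tr -d ' \n')" in
        1) echo 32 ;;
        2) echo 64 ;;
        *) return 1 ;;
    esac
}

# Print each pkcs11 group member that has no entry in the passwd file.
# $1 = group file, $2 = passwd file
nonlocal_members() {
    members=$(awk -F: '$1 == "pkcs11" { print $4 }' "$1" 2>/dev/null | tr ',' ' ')
    for u in $members; do
        awk -F: -v u="$u" '$1 == u { f = 1 } END { exit !f }' "$2" 2>/dev/null ||
            echo "$u"
    done
}

# Check the libraries and the group under root prefix $1 (empty = live system).
# Assumption: a 64-bit host where both the 32-bit and 64-bit links were created.
verify_install() {
    root=${1:-}; rc=0
    for pair in usr/lib/pkcs11/PKCS11_API.so:32 usr/lib64/pkcs11/PKCS11_API.so:64; do
        lib="$root/${pair%:*}"; want=${pair#*:}
        got=$(elf_class "$lib") || got="no ELF file"
        [ "$got" = "$want" ] || { echo "FAIL $lib: want ${want}-bit, got $got"; rc=1; }
    done
    grep -q '^pkcs11:' "$root/etc/group" 2>/dev/null ||
        { echo "FAIL pkcs11 group not found in $root/etc/group"; rc=1; }
    for u in $(nonlocal_members "$root/etc/group" "$root/etc/passwd"); do
        echo "FAIL $u is in pkcs11 but not in $root/etc/passwd"; rc=1
    done
    [ "$rc" -eq 0 ] && echo "OK"
    return "$rc"
}

# Run against the live system only when asked: sh check.sh --check
if [ "${1:-}" = "--check" ]; then verify_install ""; fi
```

A 32-bit result for the /usr/lib64 link usually means the library was copied without the -m64 edit or without the preceding make clean.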


Starting openCryptoki

The openCryptoki daemon is started by the Sun Crypto Accelerator 6000 board startup script. See Chapter 3 for details.