Solaris Smart Cards Administration Guide

How to Create a Private Key on a Smart Card (Command Line)

This procedure is appropriate for the Java-based iButton and Cyberflex smart cards. You cannot store a private key on the Payflex card.

To use this feature, you must have a public-key infrastructure (PKI) set up at your site.

  1. Create a public/private-key pair for the user using the appropriate commands for your PKI.

  2. Export the private-key part of the key pair into a separate file.

    Record the fully qualified path name of the file because you have to specify it later when setting up the private-key property.

  3. Become superuser on the system used for initializing smart cards.

  4. Insert a smart card into the card reader.

  5. Change to the Java security directory.


    # cd /usr/java1.2/jre/lib/security
    
  6. Edit the java.security file.

  7. Locate the security.provider definition in the file.


    # This is the "master security properties file".
    #
    .
    .
    # Each provider must implement a subclass of the Provider class.
    # To register a provider in this master security properties file,
    # specify the Provider subclass name and priority in the format
    #
    security.provider.<n>=<className>
  8. Ensure that there is a comment sign (#) in front of this line.


    #    security.provider.<n>=<className>
  9. Add the following text:


    # Each provider must implement a subclass of the Provider class.
    # To register a provider in this master security properties file,
    # specify the Provider subclass name and priority in the format
    #
    #    security.provider.<n>=<className>
    security.provider.2=com.sun.ami.common.SunAMI
    
  10. Initialize the card by typing the following on one line:


    # smartcard -c init -A A000000062030400 -P 'PIN_number' privatekey=key_file_name
    

    PIN_number

    Represents the PIN assigned to the card. 

    key_file_name

    Is the full path name of the file containing the user's private key. 


    Note -

    The certificate property is not fully implemented by the SolarisAuthApplet.
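
As an added example (not part of the original guide), the following script checks the java.security edits from steps 7 through 9 and the key file path recorded in step 2 before `smartcard -c init` is run. The function names `check_provider` and `check_key_path` and the sample file contents are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the guide. Function names are hypothetical.

# check_provider FILE N CLASS
#   0  exactly one active security.provider.N line, and it names CLASS
#   2  the security.provider.<n>=<className> template is uncommented (step 8)
#   3  priority N is missing or defined more than once
#   4  priority N is assigned to a different class
check_provider() {
    awk -v n="$2" -v cls="$3" '
        BEGIN { key = "security.provider." n "=" }
        { sub(/^[ \t]+/, ""); sub(/[ \t\r]+$/, "") }    # trim whitespace
        /^#/ || /^$/ { next }                           # comments, blanks
        index($0, "security.provider.<n>=") == 1 { template = 1; next }
        index($0, key) == 1 {
            seen++
            if (substr($0, length(key) + 1) == cls) ok = 1
        }
        END {
            if (template) exit 2
            if (seen != 1) exit 3
            if (!ok) exit 4
        }
    ' "$1"
}

# check_key_path PATH
# Step 2 asks for a fully qualified path: require an absolute path that
# names a readable regular file.
check_key_path() {
    case $1 in
        /*) ;;
        *) return 1 ;;
    esac
    [ -f "$1" ] && [ -r "$1" ]
}

# Constructed sample: java.security as it should look after step 9.
sample=$(mktemp)
cat > "$sample" <<'EOF'
#    security.provider.<n>=<className>
security.provider.1=sun.security.provider.Sun
security.provider.2=com.sun.ami.common.SunAMI
EOF
if check_provider "$sample" 2 com.sun.ami.common.SunAMI; then
    echo "provider entry OK"
fi
rm -f "$sample"
```

On a real system, pass `/usr/java1.2/jre/lib/security/java.security` as the first argument to `check_provider` and the exported key file to `check_key_path`.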