Before You Begin
To perform this procedure, you must install and enable TPM on the system. Ensure that the tcsd daemon is also running.
# ls -alF /dev/tpm lrwxrwxrwx 1 root 39 Dec 27 2011 /dev/tpm -> ../devices/pci@0,0/isa@1/tpm@1,1670:tpm
# svcadm enable tcsd
$ pktool inittoken currlabel=TPM
$ pktool setpin token=tmp/TPM so
$ pktool setpin token=tmp/TPM
$ pktool gencert token=tpm/TPM -i $ pktool list token=tpm/TPM
Any existing applications that already use the Cryptographic Framework in libpkcs11 can use the TPM token for their operations by making the applications select the TPM token device for the sessions.
In this example, the TPM token is first assigned a new name. Thereafter, all subsequent actions on the token refer to the new name.
$ pktool inittoken currlable=TPM newlabel=JohnDoeTPM $ pktool setpin token=tmp/JohnDoeTPM so $ pktool gencert token=tpm/JohnDoeTPM -i $ pktool list token=tpm/JohnDoeTPM