Configure SunPKCS11 to use the Futurex PKCS #11 module
This section explains configuring the SunPKCS11 provider to use the PKCS #11 module. The SunPKCS11 provider, an integral part of the Java Cryptography Architecture (JCA), allows Java applications to access cryptographic services through the PKCS #11 API. Select one of the following operating systems and follow the instructions:
Locate the Futurex PKCS #11 library:
Confirm the location of the libfxpkcs11.so file available on your system. Note its full path for later use. For example, it might be located at /usr/local/bin/fxpkcs11/libfxpkcs11.so.
Create a SunPKCS11 configuration file:
The SunPKCS11 provider uses a configuration file to load the PKCS #11 module. Perform the following steps:
- Create a file named pkcs11.cfg (or any name you prefer, with a .cfg extension). You can save this file anywhere, but a standard location would be similar to /usr/local/etc/pkcs11.cfg.
Register the library with Java:
Open the java.security file.
Add the following line with the path of the pkcs11.cfg file you just created to the SunPKCS11 security provider line. Then, save the file.