I was almost a quarter past ways devloping the smartcard applet which theoretically could read the info from the smartcaard and use the digital certificate from the smartcard to authenticate you to
Access Manager.
Here's the low-down on the effort. Smartcard readers are vendor specific. I used the
ActivCard SDK for building the applet with some amout of minor hacking. So now; I have come to realize that the smartcard reader and the applet are vendor specific. whew !! what a painstaking effort. But nevertheless a good learning experience.
So Now; I'm invesigating
musclecard; and hope to learn that the applet that I develop is not vendor specific... If anybody has any info on developing a non vendor specific
(smartcard reader manufacturer specific) applet, please, please please do
"SHARE" the info.
I wish everybody adopts the
OpenSC Framework.
Identity Alliance has a product called
ID Alley.
ID Ally provides everything you need to begin deploying and using smart cards for security purposes. It provides the necessary software components to enable your smart card with a variety of applications and purposes such as: - Email Signing / Encryption using Outlook
- Web Authentication using Internet Explorer
- Signing and Encryption using Adobe Acrobat
- Password wallet for secure password storage
- Enrollment using Windows 2003 CA
- Certificate Auto-Enrollment Options
- Digital ID (certificate) Self-Enrollment Tool
- Mozilla/Firefox Email, Web Authentication
- Caching for convenience and speed
- Utility for viewing certs and changing pin and unblocking
- Card applet management capability
- Easy to Use Installer and Documentation
ID Alleyis FREE for personal use, and has a 30 day free trial for professional use so you can trial the software before choosing whether to license it. Using Windows 2000 or XP, you can use the provided installer to install all the components and documentation needed to begin.
Download ID Ally
In order to use
ID Alley, You need to do the following:
- Download ID Alley
- Unpack ID Alley
- double click on the msi file to install it
- start regedt32
- change HKEY_LOCAL_MACHINE\SOFTWARE\Identity Alliance\AuthShim\PKCS11BaseModule to "opensc-pkcs11.dll"
- change HKEY_LOCAL_MACHINE\SOFTWARE\Identity Alliance\AuthShim\PKCS11Module to "opensc-pkcs11.dll"
- change HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\Defaults\Provider\Identity Alliance CSP\PKCS11Module to "opensc-pkcs11.dll"
- close regedt32
- run "ID Alley Card Manager"
- enter PIN
- urn off virtual slots in opensc.conf
Test it by visiting some ssl client certificate protected web site with Internet Explorer
AH !! you need to also use a
PC/SC compliant smartcard reader FROM ANY VENDOR. And if you do this my SmartCard applet would work... So help me please...