Initializing a hardware token
In this recipe, we initialize an Aladdin eToken PRO 32K hardware token on Linux using the proprietary driver software from Aladdin (pkiclient). Initialization consists of the following steps:
Format the hardware token
Copy a private key to the token
Copy the corresponding public X509 certificate to the token
This recipe does not use OpenVPN at all, but it is a required step for the remaining recipes of this chapter.
Getting ready
Install PCSC-lite 1.4.4 or higher, OpenSC 0.11.4 or higher, and the Aladdin pkiclient driver. For this recipe, the computer used was running Fedora 12 Linux, PCSC-lite 1.5.2, OpenSC 0.11.12, and PKI Client 5.00.
Set up the client and server certificates using the first recipe from Chapter 2, Client-server IP-only Networks. Keep the client certificate and private key files client1.crt and client1.key at hand.
How to do it...
First, bring up the eToken PKI Client properties window and click on Initialize eToken. This will bring up the following...
