I have a SafeNet HSM certificate, and I can view HSM slots and see certificates. But when I try to download the certificate using java keytool, I get this message: "your keystore contains 0 entries." The following explains how to connect to the HSM.
this is my safenet configuration file
name = SafeNetCA
library = D:/cryptoki.dll
slot = 1
and this is my java.security file where I add the SunPKCS11 provider
security.provider.1=sun.security.provider.Sun
security.provider.2=sun.security.rsa.SunRsaSign
security.provider.3=sun.security.ec.SunEC
security.provider.4=com.sun.net.ssl.internal.ssl.Provider
security.provider.5=com.sun.crypto.provider.SunJCE
security.provider.6=sun.security.jgss.SunProvider
security.provider.7=com.sun.security.sasl.Provider
security.provider.8=org.jcp.xml.dsig.internal.dom.XMLDSigRI
security.provider.9=sun.security.smartcardio.SunPCSC
security.provider.10=sun.security.mscapi.SunMSCAPI
security.provider.10=org.bouncycastle.jce.provider.BouncyCastleProvider
security.provider.11=sun.security.pkcs11.SunPKCS11 C:/ocsp/safenet-provider.cfg
and below is the command that I execute in java keytool
keytool -keystore NONE -storetype PKCS11 -list
then it asks for the HSM password and I enter it correctly. and finally here
source
share