Cryptographic token support
A cryptographic token is a hardware or software device with a built-in key store implementation. The cryptographic device is used to manage certificates stored on the cryptographic tokens (also known as smartcards).
Both cryptographic accelerators, where the cryptographic hardware device has no persistent key storage, and secure cryptographic hardware, where a cryptographic token generates and securely stores the private key used for SSL key exchange, are supported in the product.
The following token types are supported:
- PKCS#7
- PKCS#11
- PKCS#12
- MSCAPI (only on Windows platforms)
Cryptographic token support is limited to tested devices. These devices include support tested for SSL clients...
- IBM 4758-23
- nCipher nForce
- Rainbow Cryptoswift
- IBM Security Kit Smartcard
- GemPlus Smartcards
- Rainbow iKey 1000/2000(USB "Smartcard" device)
- Eracom CSA8000
Cryptographic token support has also been tested for the following SSL clients and servers...
- IBM 4758-23
- nCipher nForce
- Rainbow Cryptoswift
WAS uses IBMJSSE to support cryptographic token devices. Refer to the document $WAS_HOME\web\docs\jsse\readme.jsse.ibm.html for further information