Firefox example
Remember to close and open your browser to ensure that it loads the new environment variables.
- Open the menu and click on Options.
- Select Privacy and Security and click on Security devices.
-
Click on Load and enter:
- a name for the module (e.g:
Dinamo
) - the path of the PKCS#11 library Dinamo
- a name for the module (e.g:
-
Then click OK and then OK again.
- Click on View certificates, select the Your certificates tab. If there are keys/certificates properly installed in the HSM, they will appear here.
If you want to import a new certificate, you can do so via Firefox itself, just click Import, select the file in PKCS#12 format (.pfx) and click OK.
Once imported, your certificate can be used in Firefox.
- If your certificate is a valid ICP-Brasil certificate, you can use it to access, for example, the Receita Federal Service Portal, e-cac. When you open Firefox on the e-Cac site, a screen will appear where you select the certificate you want and click OK to access the protected site.
Key/Certificate Import
There are several ways to import a key/certificate pair. One is via the remote console (hsmcon).
-
Open the
hsmcon
entering the user id and password. hsmcon can be run via the command prompt (just by typinghsmcon
and pressing ENTER) or in the start menu.Dinamo - Remote Management Console v. 3.2.17.0 2018 (c) Dinamo Networks HSM 10.61.53.65 e - Engine 4.0.2.0 (DXP) - TCA0000000 - ID master Main Menu Keys/Objects Users HSM 1 - Create... 16 - Create 31 - Info 2 - Remove 17 - Remove 32 - Retrieve logs 3 - Attributes 18 - List 33 - Clear logs 4 - Import... 19 - Attributes 34 - Backup 5 - Export... 20 - Trust Relations 35 - Restore 6 - List 21 - Password Policy 36 - Monitor events 7 - Permissions... 22 - My Password 37 - Monitor resources 8 - Backup 38 - Monitor sessions 9 - Restore 39 - Firmware update 40 - Replication... 41 - SPB... 42 - IP Filter... 43 - Tests... 0 - Exit Option:
-
Select the option -
Import...
,Asymmetric Keys
and thenPKCS#12
.- Choose the PKCS#12 (.pfx) file containing the key/certificate you want to import;
- Enter the password for the file (.pfx);
- Select whether the private key is exportable or not;
- Choose the name of the private key;
- Choose the name of the certificate;
- Choose the name of the public key;
The name of an object (private key, public key, certificate, etc.) in HSM can contain up to 32 alphanumeric characters or an underscore (_).
```
Dinamo - Remote Management Console v. 3.2.17.0 2018 (c) Dinamo Networks
HSM 10.61.53.65 e - Engine 4.0.2.0 (DXP) - TCA0000000 - ID master
Keys/Objects - Import - Asymmetric Keys - PKCS#12
File (local) : c:\tmp\lab.pfx
Private key password : ********
Exportable (y/[n]):y
Private key name : lab
X.509 certificate name (HSM) : lab_cert
Public key name (ENTER for none) : lab_pub
File loaded successfully.
Press ENTER key to continue...
```
Done! Your key is installed and ready to use.