Go to content

Firefox example

Remember to close and open your browser to ensure that it loads the new environment variables.

  • Open the menu and click on Options.

Firefox menu screen.

Firefox menu screen.
  • Select Privacy and Security and click on Security devices.

Firefox options screen.

Firefox options screen.

  • Click on Load and enter:

    1. a name for the module (e.g: Dinamo)
    2. the path of the PKCS#11 library Dinamo

  • Then click OK and then OK again.

Loading screen.

Loading screen.
  • Click on View certificates, select the Your certificates tab. If there are keys/certificates properly installed in the HSM, they will appear here.

If you want to import a new certificate, you can do so via Firefox itself, just click Import, select the file in PKCS#12 format (.pfx) and click OK.

Firefox options screen.

Firefox options screen.

Once imported, your certificate can be used in Firefox.

Certificates in Firefox.

Certificates in Firefox.
  • If your certificate is a valid ICP-Brasil certificate, you can use it to access, for example, the Receita Federal Service Portal, e-cac. When you open Firefox on the e-Cac site, a screen will appear where you select the certificate you want and click OK to access the protected site.

PKCS#11 Login to the site.

PKCS#11 Login to the site.

Key/Certificate Import

There are several ways to import a key/certificate pair. One is via the remote console (hsmcon).

  1. Open the hsmcon entering the user id and password. hsmcon can be run via the command prompt (just by typing hsmcon and pressing ENTER) or in the start menu.

    Dinamo - Remote Management Console v. 3.2.17.0 2018 (c) Dinamo Networks

HSM 10.61.53.65 e - Engine 4.0.2.0 (DXP) - TCA0000000 - ID master

Main Menu

Keys/Objects Users HSM

 1 - Create...            16 - Create 31 - Info
 2 - Remove 17 - Remove 32 - Retrieve logs
 3 - Attributes 18 - List 33 - Clear logs
 4 - Import...            19 - Attributes 34 - Backup
 5 - Export...            20 - Trust Relations 35 - Restore
 6 - List 21 - Password Policy 36 - Monitor events
 7 - Permissions...       22 - My Password 37 - Monitor resources
 8 - Backup 38 - Monitor sessions
 9 - Restore 39 - Firmware update
                                                       40 - Replication...
                                                       41 - SPB...
                                                       42 - IP Filter...
                                                       43 - Tests...

0 - Exit

Option:

  2. Select the option - Import..., Asymmetric Keys and then PKCS#12.

    1. Choose the PKCS#12 (.pfx) file containing the key/certificate you want to import;
    2. Enter the password for the file (.pfx);
    3. Select whether the private key is exportable or not;
    4. Choose the name of the private key;
    5. Choose the name of the certificate;
    6. Choose the name of the public key;

The name of an object (private key, public key, certificate, etc.) in HSM can contain up to 32 alphanumeric characters or an underscore (_).

```
Dinamo - Remote Management Console v. 3.2.17.0 2018 (c) Dinamo Networks

HSM 10.61.53.65 e - Engine 4.0.2.0 (DXP) - TCA0000000 - ID master

Keys/Objects - Import - Asymmetric Keys - PKCS#12

File (local) : c:\tmp\lab.pfx
Private key password : ********
Exportable (y/[n]):y
Private key name : lab
X.509 certificate name (HSM) : lab_cert
Public key name (ENTER for none) : lab_pub

File loaded successfully.

Press ENTER key to continue...
```

Done! Your key is installed and ready to use.