CA EEM Release NotesChanges to Existing Features › Changes to Safex XML

Previous Topic: Changes to iPoz.conf File

Next Topic: Issuing Certificates Using Safex

Changes to Safex XML

The following tags are added to the Safex XML to support certificates during application registration with CA EEM:

PEM certificates

<Register certtype="pem" certfile="RBC_Hospital.pem" keyfile="RBC_Hospital.key" password="RBC_Hospital">

Where
certfile

Specifies the name of the PEM certificate file.

keyfile

Specifies the private key file.

password

Specifies the password required to read the pem file. In FIPS-only mode, password tag must be blank.

P12 certificates

<Register certtype="p12" certfile="RBC_Hospital.p12" password="RBC_Hospital">

certfile

Specifies the name of the P12 file.

password

Specifies the password required to read the P12 file.

P11 certificates

<Register certtype="p11" pkcs11lib="pkcs11lib" token="token" userpin="userpin" id=”id” sensitive=”true”>

Where
pkcs11lib

Specifies the path to the PKCS11 library implementation.

token

Specifies the hardware token name.

userpin

Specifies the user pin required to log in.

id

Specifies the certificate label.

sensitive

Specifies if the private key is treated as sensitive data or not. If the private key path is specified as sensitive, the private key cannot be copied.

Value: [True|False].