I
currently have a CS setup where using Gemalto tokens, I can see that an signing
and encryption certs are written to the card. What profile(s) in the
/var/lib/<ca instance>/profile directory is used to generate the certs in
a default dogtag setup?
I
noticed there is both a caTokenUserEncryptionKeyEnrollment.cfg and
caTokenUserSigningLeyEnrollment.cfg profiles in the directory that seem to
correspond to each of the certs created on the token. That is a bit odd to me as
I though it usually was one profile that would have multiple policysets to
handle 2 certs not a seperate profile for each?
The
basic question is I'd like to modify the configuration so a third cert is
created on the card (to be used for authentication) beyond the email signing and
encryption certs. Anyone know how to do
that?
Thanks
Sean