All, I have CS 8.0 GA installed and I am trying to use the tpsclient tool for testing the TPS. When enrolling a user there are 2 keys, (signing and ID) generated on the card and the encryption key is generated server side. When the tpsclient enrollment is complete it states "Success - Operation 'ra_enroll' Success". But looking into the tps-error log it states that: [2009-12-21 11:41:01] a6b19c50 CertEnroll::verifyProof - VFY_CreateContext() failed [2009-12-21 11:41:01] a6b19c50 CertEnroll::ParsePublicKeyBlob - verify proof failed [2009-12-21 11:41:01] a6b19c50 RA_Enroll_Processor::DoEnrollment - Failed to parse public key [2009-12-21 11:41:01] a6b19c50 CertEnroll::verifyProof - VFY_CreateContext() failed [2009-12-21 11:41:01] a6b19c50 CertEnroll::ParsePublicKeyBlob - verify proof failed [2009-12-21 11:41:01] a6b19c50 RA_Enroll_Processor::DoEnrollment - Failed to parse public key These errors are not seen when enrolling with a SafeNet 330J. My tpsclint script is below. Is there are way to use the tpsclient and have keys generated on the fake token verified successfully? op=var_set name=ra_host value=tps op=var_set name=ra_port value=7888 op=var_set name=ra_uri value=/nk_service op=token_set cuid=00000000000000000003 op=token_set msn=01020304 op=token_set app_ver=499dc06c op=token_set key_info=0101 op=token_set major_ver=1 op=token_set minor_ver=4 op=token_set auth_key=404142434445464748494a4b4c4d4e4f op=token_set mac_key=404142434445464748494a4b4c4d4e4f op=token_set kek_key=404142434445464748494a4b4c4d4e4f op=ra_enroll uid=frederick.c.meyer pwd=aixAeiYZnhhnbzBB num_threads=1 new_pin=not4long keygen=true op=exit Thanks, Alan Mikolajczuk