Date: Thu, 20 Jan 2000 16:57:42 -0500 (EST) From: Olga Kornievskaia To: smartcards@umich.edu Subject: EECS598: instructions for accessing ISO7816 documents Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII 1) Login to either 'engin' or 'itd' machine. * Tomoko, Zonghua, Jeremie, and Evan, since you don't allow CAEN to set your itd password, then, you should either: (1) login to 'itd' machine or (2) after logging into a caen machine type: 'klog -t @umich.edu'. 2) To go: /afs/engin.umich.edu/u/a/g/aglo/eecs598/public/ 3) Execute: ./kx509 => There are two possible outputs that this executable will produce 'Failed to...' => two possible causes: (1) server is down => try again (2) something is wrong with our installation, please email aglo@umich.edu 'Transferred... ' => you've received a needed certificate 4) Start 'netscape' 5) To go: http://www.umich.edu/~x509/testx509.html 6) Click on: 1a. Load UMICH TEST CA Cert. Go through the steps of adding the certificate. When prompted for the name, enter: 'TEST CITI CA' 7) Click on 'Security' button. 8) On the left side, click on 'Cryptographic modules' 9) On the right side, click on 'Add' button 10) In the 'Security Module Name' enter: kpkcs11 11) In the 'Security Module File' enter: /afs/engin.umich.edu/u/a/g/aglo/eecs598/public/kpkcs11/libpkcs11.so 12) Click 'Ok' button 13) You should see that 'kpkcs11' module has been added to the list of modules that you see on the right side. 14) On the left side, click on 'Signers'. Scroll down and make sure that you have a 'TEST CITI CA' certificate in the list. 15) On the left side, click on 'Yours'. You should see a certificate entry on the right side. If you don't see it, try to quit netscape and start it again. After the restart, check that you have the module you've added in the previous steps, and the 'TEST CITI CA' certificate under the 'Signers' section. After the successful check of those items, check if the 'Yours' certificate is in place. If it is still not there, please email: aglo@umich.edu. 16) Now you can contact the server securely. You would need to type 'https://hell.citi.umich.edu/iso7816/' to reach the documents. If you don't specify https, the access should fail (please report if it doesn't). However, the easiest way would be to follow the link from the class directory.