Advanced Authentication supports the certificate-based PKCS#11 contact smart cards and USB tokens (crypto sticks).
Device Service supports the following devices:
Aladdin eToken PRO 32k/72k with SafeNet Authentication Client 9
ruToken
SafeNet Authentication eToken on the Mac OS.
To use PKI, specify a PKCS#11 module for your PKI device. See PKI Settings for more information.
The following are the requirements for used certificates:
Certificate must contain the OCSP or CRL link to check revocation status.
Certificate must contain a key pair: public and private key in the x509 format. The certificates that do not comply with the requirements are ignored (hidden during enrollment).
NOTE:The cards Cosmo polIC 64K V5.2 and Cyberflex Access 64K V1 SM 2.1 support the certificate-based enrollment only (generate a key pair mode is not supported).
To support the SafeNet Authentication eToken (PKI) on the Mac OS, perform the following steps:
Install the latest Device Service 6.0 on Mac OS.
Install the SafenetAuthenticationclient9.1.2.0.dmg package.
You can download SafeNet Authentication Client from Knowldege Symantec website.
Run the following commands to restart the Device Service:
sudo launchctl unload /Library/LaunchDaemons/com.netiq.deviceservice.plist
sudo launchctl load /Library/LaunchDaemons/com.netiq.deviceservice.plist
Plug-in the SafeNet Authentication eToken (PKI) to Mac OS.