You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 66 Next »

A few folks have asked me about using the eToken on Intel-based Mac running Mac OS X 10.5 (Leopard), so I thought I'd write down what I know.


Remove Driver Version 4.5

If you installed version 4.5 of the driver before reading the place on the PDC website where it says it supports Mac OS X 10.4 and earlier, you've got a mess to clean up.

The 4.5 uninstaller doesn't uninstall everything, and the 4.55 driver isn't happy about it. The 4.5 uninstall leaves a bunch of junk in the following locations:

  • /usr/local/Contents
  • /usr/local/lib
  • /usr/local/sbin

A stock Leopard install doesn't even have a /usr/local so it should be pretty easy to identify etoken stuff to trash. Alternatively, you could simply rename all of the above directories to get them out of the way until you're sure you won't be deleting anything crucial.

Install Firefox

The Safari browser isn't supported, yet, so you'll need Firefox. Download Firefox at http://www.mozilla.com/en-US/firefox. Other Mozilla derivatives may work, too, but I haven't tried them.

Install the eToken Driver


Configure Firefox

  1. Import certificates for VT Root CA, VT Server CA, and VT User CA. All of these are available from www.pki.vt.edu under the System Administration menu.
    1. Download each of the certificates in PEM format to your desktop. The default save filename is cacert.pem; suggested names are vtrootca.pem, vtc1sca.pem, and vtuser.pem.
    2. Open Firefox Preferences
    3. Select the Advanced tab, Encryption tab, and click the View Certificates button.
    4. In the Certificate Manager dialog, select the Authorities tab. Use the Import button to import each of the CA certificates (vtrootca.pem, vtc1sca.pem, and vtuser.pem). Select the trust options so that the CA is trusted to identify web sites, authenticate signed email, and authenticate signed code.
  2. Plug in your token.
  3. Configure the device under Preferences.
    1. Select the Advanced tab, Encryption tab, and click the Security Devices button.
    2. Click the Load button
    3. Enter the module name as Aladdin PKCS#11, enter the module filename as /usr/local/lib/libeTPkcs11.dylib and click OK,
    4. If the token module loads correctly, you should soon see your name as retrieved from the token.

Perform a Test Signing

The PKI group has a page you can use to test the signing process at https://ash.eprov.seti.vt.edu/pdctest.

  • No labels