...
...
Table of Contents |
---|
xmlsectool
supports using credentials stored in PKCS#11 tokens such as cryptographic smart cards, both to sign and verify documents.
...
This configuration can be provided in one of two ways:
Statically, by editing the
java.security
file within the Java runtime, orDynamically, by providing it to
xmlsectool
's--pkcs11Config
option.
Although xmlsectool
supports both options, we strongly recommend dynamic configuration over static: because static configuration requires you to change a file within the Java runtime itself, the changes apply to every application using that runtime, require additional permissions on most systems, and may be erased whenever the runtime is updated.
Warning |
---|
We do not recommend mixing dynamic and static configuration (i.e., using |
Using xmlsectool
with Dynamic PKCS#11 Configuration
...