EP11 token

Edit online

An EP11 token is a secure key token. A list of PKCS #11 mechanisms supported by the EP11 token is provided, as well as information about the purpose and use of the tools pkcsep11_migrate and pkcsep11_session.

You can read some information about secure keys in CCA token.

As a prerequisite for an operational EP11 token, the EP11 host library (also called EP11 host library in other documentations) must be installed (see Figure 3).

For EP11 tokens, you can introduce one or multiple tokens into the openCryptoki framework (see Adding tokens to openCryptoki) and configure them differently. For information on how to install the EP11 host library, refer to Exploiting Enterprise PKCS #11 using openCryptoki. You can download the EP11 host library from:

IBM PCIe Cryptographic Coprocessors

Note: The EP11 token directory must not be located in a directory that is either an NFS or a CIFS file system, but must be located in a file system that supports the flock() function which manages file locks.