PingDirectory

PKCS #11 support in the PingDirectory server

PKCS #11 is a standard that defines an API (also known as cryptoki) for interacting with cryptographic tokens.

They can interact with things including:

  • Hardware security modules (HSMs)

  • Smart cards

  • Cryptographic accelerators

    Cryptographic accelerators aren’t used as much now because most CPUs include their own native support.

Many PKCS #11 tokens provide the ability to store certificates, and the PingDirectory server supports using these types of PKCS #11 tokens as an alternative to a Java KeyStore (JKS) or PKCS #12 file-based key store. While the PKCS #11 tokens used in production environments are typically associated with hardware devices, it’s possible to emulate a PKCS #11 token in software.