2.5 Set up the MyID Entrust administration link
-
Copy the entrust.ini file from your Entrust server to the MyID application server.
This file must be configured for the type of smart card you are using.
The file must also be configured for the HSM you are using, if appropriate. For example, for a Luna HSM, you must add the following to the [Entrust Settings] section:
CryptokiV2LibraryNT=c:\Program Files\SafeNet\LunaClient\cryptoki.dll
See your Entrust documentation for further information.
Note: You must make sure that the FIPS value in the entrust.ini file is set to 0. Failure to do this will usually result in an Entrust error = -162 being reported when you try to test the connection.
You must make sure the copy of the entrust.ini file on the MyID application server reflects your existing Entrust configuration. If the file changes on the Entrust server, you must copy it to the MyID server.
-
Copy the .epf or .apf files for the Security Officer and XAP profiles you created in section 2.4, Create the MyID server profiles, to the MyID application server.
Note: You must set write permissions for the MyID COM+ user for the profile files and their location, because it must be possible for Entrust to open these files with read/write access. The CA manages Entrust profiles and automatically updates them and when a key or certificate expires. You may see errors if this file is set to read only; for example, -01055.