I want to store a trusted certificate on a Cryptoflex 16k and write protect it with the user PIN. Therefor I changed "protect_certificates" in flex.profile to "yes" and adjusted the size of the DFs accordingly. With a blank card I did:
All operations returned without an error. But the certificate file was created under DF 5015 and not DF 5015/4B01 and so the certificate is'nt protected.
Looking at the source it seems, that --auth-id is ignored with --store-certificate. Is there any way to protect certificates with pkcs15-init on Cryptoflex? Do I have to apply further changes to flex.profile?