Installation of B-Trust e-signature on MacBook M1, macOS Monterey

· 3 min read
Installation of B-Trust e-signature on MacBook M1, macOS Monterey

My signature is on Borica B-Trust with Gemalto reader. And every time configuring it under MacOS was a nightmare for me. Yesterday I tried again and the miracle happened: I managed to get my e-signature, not only under Firefox and the National Revenue Agency portal, but also with Adobe Reader.

To get started, you need to have the latest versions of Mozilla Firefox, Oracle Java and Download Acrobat Reader DC installed.

Installing the SafeNet device

Visit the B-Trust website, enter the email with which your signature is registered and download SafeNet Authentication Client 10.8 application from here. After installing the device application, restart your computer.

SafeNet Authentication Client 10.8 for MAC
SafeNet Authentication Client 10.8 for MAC

If you had an application previously installed, you need to uninstall that version (from Uninstall, not Move to trash) and then install the version of the version of MAC OS you own. Uninstallation and installation is done with the token removed from the computer. It is recommended to restart after each one.

Caution!

  • It is not recommended to pair the token with the key chain of your operating system.
  • Mac OS introduces the token in standby after a period of non-use. If you leave the token connected for a long time, you must close the applications in which you use it (Adobe Reader or browser), remove the token and reopen the desired applications when resuming the token activity.
  • If you use the token with the library configured in Adobe Reader, it is recommended that you close the Adobe Reader application with Quit after you have finished signing in Adobe Reader, and remove the token from your computer only after that.

Using the certificate for authentication in Mozilla Firefox

To log in to Mozilla, you need to configure the token library located in /usr/local/lib/libeTPkcs11.dylib by accessing Tools -> Privacy & Security -> Certificates -> Security Devices.

token library

It's not difficult: choose Firefox Settings -> Privacy & Security -> Security Devices, or just search for "Security Devices" in the Firefox Settings search box. When you open Secirity Devices you give Load and give the path to the corresponding library.

You need to add certificate chains in Firefox.
Firefox Settings -> Privacy & Security -> View Certificates
You will be prompted for your PIN. From the Certificate Manager, select Authorities. Each certificate is selected one by one. When importing, you need to allow all rights.

http://ca.b-trust.org/repository/B-TrustRootQCA_DER.crt
http://ca.b-trust.org/repository/B-TrustRootACA_DER.crt
http://ca.b-trust.org/repository/ca5/RootCA5_DER.crt
http://ca.b-trust.org/repository/B-TrustOperationalQCA_DER.crt
http://ca.b-trust.org/repository/B-TrustOperationalACA_DER.crt
http://ca.b-trust.org/repository/ca5/OperCA5QES_DER.cer
http://ca.b-trust.org/repository/ca5/OperCA5AES_DER.cer

Using the certificate when signing in Adobe Reader

If the signing certificate does not appear in Adobe Reader even after the restart, the token library must be configured in this application. Follow the steps to set up:

  • Go to Acrobat Reader-> Preferences -> Signatures -> Identities & Trusted certificates-> More… -> Digital IDs -> PKCS # 11 Modules and Tokens -> Attach Module and copy the token library: /usr/local/lib/libeTPkcs11.dylib.
  • After attaching the library, select the position SafeNet eToken PKCS#11 tht appears under PKCS#11 Modules and Tokens, press Login (from the right panel) and enter the token PIN (password).
  • Select the token label (name) in the left pane, then the certificate (in the validity period) that appeared in the right pane, and choose Usage Options -> Use for Signing.
  • Close the Adobe Acrobat Reader DC application with Quit in the Dock.