Configuration is done using the sdtsmartcardadmin GUI from /usr/dt/bin.
This example uses an internal card reader with PayFlex cards.
Select 'Add Reader' and chose the only internal model available.
Activate smartcard services by restarting the OCF server (automatic after finishing first step).
In the 'Card Services' menu, select PayFlex and activate services for this type of card.
Click the 'Smart cards' item from the menu and load the ATR (answer to reset) for this card. Note: this is not one of the ATRs in the list that you sometimes get to see, you have to click 'Add' and select the new card's ATR.
In the 'Load Applet' menu, select the authentication applet (the only one currently available) and load it onto the card. If the card already contains the applet, because it has been used before, you get an error. Applets can not be removed from this type of card!
Select 'Config Applet', set the PIN (defaults to $$$$java) and select the username of the person that will be using the card. In my experience, user passwords should be max. 8 characters long for authentication via smartcard to work.
Configure removal options (in the tabs).
Test PIN and login.