I'm sorry, I forgot that when I plugged in scr331 to my working laptop, I had no issues.
So, the scr3500 and the scr331 work on laptop the scr3500 works on desktop, but scr331 only works with certain certificates. On Thu, Oct 3, 2013 at 7:26 PM, Howdy Dood <h0wdyd3...@gmail.com> wrote: > OK, I seem to have narrowed it down. It's an SCR-331 CaC reader. > > Once I tried a different model, it works without a problem. > > That being said, I used the SCR-331 for years without an issue. Did pcscd > have an update in the last few months that would have affected support? I > last used the card reader in May and had been using it without incident. > > > On Thu, Oct 3, 2013 at 2:21 PM, Howdy Dood <h0wdyd3...@gmail.com> wrote: > >> Douglas, >> >> Thanks for your help. >> >> It uses the card in that it prompts for pin, then prompts for which cert >> to use. On sites that use Digital signature certificate, they work fine. >> On sites, such as webmail, that use email certificate, I get those errors. >> >> That being said, both types of certs/sites work on my f19 laptop:( >> >> How do I see if I'm missing some such certificates? My issue is I get >> the same error with firefox, chrome, and davmail, and with any user I >> create/try. >> >> I attached the debug, but didn't see anything relevant. Prior to this >> email, I had to use virtualbox in order to send an email that I had to >> send. Pretty frustrating:O >> >> >> On Thu, Oct 3, 2013 at 2:10 PM, Douglas E. Engert <deeng...@anl.gov>wrote: >> >>> >>> On 10/3/2013 1:02 PM, Howdy Dood wrote: >>> >>> Douglas, thanks, but as I said, it works on the exact same site with >>> another machine. The site is not down. I'm using it right now through >>> virtualbox with windows 8. >>> >>> It seems to only have the problem when using the email certificate, >>> but not the digital signature certificate(those sites work). >>> >>> >>> What does the pcscd debugging show? >>> >>> Does it even get far enough to use the card? >>> >>> Are you missing some CA certificates or intermediate certificates on >>> the F19? >>> >>> I believe that on DoD CAC cards, the two certificates may be signed by >>> different CAs >>> with different trust chains. >>> >>> >>> >>> On Thu, Oct 3, 2013 at 12:16 PM, Douglas E. Engert <deeng...@anl.gov>wrote: >>> >>>> >>>> On 10/3/2013 10:51 AM, Howdy Dood wrote: >>>> >>>> Hello, >>>> >>>> I have Fedora 19 on two machines. >>>> >>>> I use libcoolkey to use a Common Access Card's certificates to access >>>> my webmail at http://www.foo.bar.gov >>>> >>>> However, since upgrading to F19 on machine two, although I am >>>> prompted for pin, etc, and certs show, and I can choose the right cert, I >>>> get: >>>> " >>>> The connection was reset >>>> >>>> The connection to the server was reset while the page was loading." >>>> >>>> and on a related site, I get: >>>> >>>> "Unable to load the webpage because the server sent no data. >>>> Error code: ERR_EMPTY_RESPONSE" >>>> >>>> On machine one, it works fine. I cannot figure out what the problem >>>> is here. Same version of pcsc, same version of libcoolkey... on machine 2, >>>> both firefox and chrome have this problem. >>>> >>>> Both machines are on the same network. >>>> >>>> On machine two, if I open up virtualbox and go to win8, and use CaC >>>> there, I can access the site with IE. >>>> >>>> Any site that requires email signature certificate on card has this >>>> problem. If the site requires digital ID certificate, it still works fine. >>>> >>>> >>>> That sounds like the old version was caching the pin, and new version >>>> is not, or not caching it correctly. >>>> >>>> For PIV cards, (and all newer CAC cards are both) when the signature >>>> key is used to do a crypto >>>> operation, the previous operation to the card must have been a verify >>>> i.e. PIN is sent. >>>> >>>> You can run pcscd in debug mode, and watch the commands to the card to >>>> get some more information. >>>> >>>> And as a previous responder said, it could be because the *.gov web >>>> site is down... >>>> >>>> >>>> >>>> >>>> Thanks for help >>>> >>>> >>>> _______________________________________________ >>>> Muscle mailing >>>> listMuscle@lists.musclecard.comhttp://lists.musclecard.com/mailman/listinfo/muscle_lists.musclecard.com >>>> >>>> >>>> -- >>>> >>>> Douglas E. Engert <deeng...@anl.gov> <deeng...@anl.gov> >>>> Argonne National Laboratory >>>> 9700 South Cass Avenue >>>> Argonne, Illinois 60439 >>>> (630) 252-5444 >>>> >>>> >>>> _______________________________________________ >>>> Muscle mailing list >>>> Muscle@lists.musclecard.com >>>> http://lists.musclecard.com/mailman/listinfo/muscle_lists.musclecard.com >>>> >>>> >>> >>> >>> _______________________________________________ >>> Muscle mailing >>> listMuscle@lists.musclecard.comhttp://lists.musclecard.com/mailman/listinfo/muscle_lists.musclecard.com >>> >>> >>> -- >>> >>> Douglas E. Engert <deeng...@anl.gov> <deeng...@anl.gov> >>> Argonne National Laboratory >>> 9700 South Cass Avenue >>> Argonne, Illinois 60439 >>> (630) 252-5444 >>> >>> >>> _______________________________________________ >>> Muscle mailing list >>> Muscle@lists.musclecard.com >>> http://lists.musclecard.com/mailman/listinfo/muscle_lists.musclecard.com >>> >>> >> >
_______________________________________________ Muscle mailing list Muscle@lists.musclecard.com http://lists.musclecard.com/mailman/listinfo/muscle_lists.musclecard.com