Using Activclient, it imports the user certificates from the CAC into
whatever browser you're using. For example, in Firefox 3.5
(tools>options>advanced>encryption>view certificates) you can view the
certain certificates. That is also the case when i use IE7. Although,
whenever I pull the card out, the certificates go away. I'm still
trying to figure out how I can use those certificates and automatically
authenticate them using CAS so CAS can just pass the ticket as soon as
they see that there is the certificate there.
-David
Marvin Addison wrote:
BTW, how do you get the browser to automatically read the certificate
straight from the card?
I have no idea. In the case of the eToken Pro, there's a proprietary
PKCS12 provider library that communicates directly with the token.
Then anything that can talk to PKCS12 modules, e.g. pcscd on Linux,
can communicate with the token. You need both the middleware and the
eToken libs for the browser to read the certificate from the token.
From my experience the middleware is good, and the proprietary stuff
stinks. I hope you have better luck. Please report back to the list
on your experience if you get it working. It'd be nice to have some
feedback on ease of use/integration of other hardware security
devices.
M
--
You are currently subscribed to [email protected] as:
[email protected]
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
