Running FreeIPA 4.7.1, on CentOS 8, I configured IPA-server to use smartcard login follwoing https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/configuring_and_managing_identity_management/configuring-idm-for-smart-card-auth_configuring-and-managing-idm#conf-idm-client-for-smart-card-auth_configuring-idm-for-smart-card-auth
I configured a CentOS 8 machine to use smartcard-login. After configuring the IPA-client, running the scripts produced by ipa-advise will show an error: ./config-client-for-smart-card-auth.sh /etc/ipa/ca.crt ~ ERROR: Failed to add module "OpenSC". Probable cause : "Unknown PKCS #11 error.". Systemwide CA database updated. Systemwide CA database updated. The ipa-certupdate command was successful Logging in a Yubikey 5 works fine. The error is caused by this line: echo "" | modutil -dbdir /etc/pki/nssdb -add "OpenSC" -libfile /usr/lib64/opensc-pkcs11.so Now, what going on here and can this error really be ignored? Is it worth to create a Bugzilla? Same error also aoocurs on a fresh RHEL 8.1 machine. Winfried
_______________________________________________ FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org
