Ludovic Rousseau wrote:
On 28/11/06, Greg Hennessy <[EMAIL PROTECTED]> wrote:
I have several linux boxes running FC5 at work, and I have installed
pam_pkcs11 via tarball and have a working system. I just recently
did a fresh install of FC6 to my home computer, and I noticed that the
pam_pkcs package was installed by default. I've verified that I can use
my CAC to do encrypted/signed email with thunderbird, and visit secure
sites with firefox. However, the pcks11_inspect tool doesn't give a list
of the CAC. Is reporting the error better done here, or on a Fedora
mailing list?
If it is a bug in pam_pkcs you can report the bug in the pam_pkcs bug
tracker at [1].
Fedora has "a lot" of patches for pam_pkcs. So it may also help to
_also_ report the bug on a Fedora mailing list. Maybe it is a bug in a
Fedora patch.
bye,
[1] http://www.opensc-project.org/pam_pkcs11/
IIRC from another mailing list I am on, the Fedora version may use `certutil`
instead of pam_pkcs11's `make_hash_link.sh` to create links to each of the
CAs, and I am not sure if they keep them (the CAs) in the same place as the
normal pam_pkcs11.
running `pkcs11_inspect debug` and making note of:
A) did it ask for a PIN/Password.
B) if it did (A), did it then spit out 'X.509 certificate found' and a little
later 'certificate is valid'?
would be information needed to debug the situation.
--
Todd Denniston
Crane Division, Naval Surface Warfare Center (NSWC Crane)
Harnessing the Power of Technology for the Warfighter
_______________________________________________
Muscle mailing list
[email protected]
http://lists.drizzle.com/mailman/listinfo/muscle
