Hello Marc-Aurèle,
We do not use the same token brand, so if your problem is token-related,
I can't give you any hint.
the only thing I can think of is an access-right problem we had.
I assume that you successfully loaded the opensc-pkcs11.so library in
firefox.
First, when you process your request from the OpenCA Public interface,
could you check what are the choices you got in Mozilla Firefox when it
comes to select the token ("Choix d'un jeton" in French)? If you only
got the "Sécurité personnelle" (personnal security) choice, it means
that your token is not detected properly.
The problem can come from an access right to the folder /var/run/openct
because the firefox user must be part of the scard group. You can try to
run Firefox as root and see if it changes something.
Alternatively you can change the folder access rights from rwxr-x--- to
rwxr-xr-x or add your user to the scard group.
If your browser detected your token properly and only the key generation
is a problem, then it must be an opensc configuration problem. One thing
that is important to when it comes to the token choice : by default, I
think opensc accepts 4 different users for one token when it comes to
the token choice ("choix d'un jeton"). For example, if my card's name is
Card03 and I initialized (PIN+PUK) the card for one operator Ope01, I
will have the following choices:
Card03
Card03
Card03
Sécurité personnelle
Card03 (Ope01)
Only "Carte03 (Ope01)" choice is working for me, because if I choose
"Carte01", then I am asked to enter a new PIN code for this (new) user,
but it always fails.
So IMO, is is important to initialize the card and to create a new user
before starting the token key generation process via the browser.
And finally : yes, the token key generation is far much longer than a
browser generation. So you will see the difference once it succeeds :)
Hope this helps.
Pierre
-------------------------------------------------------
SF.Net email is sponsored by: Discover Easy Linux Migration Strategies
from IBM. Find simple to follow Roadmaps, straightforward articles,
informative Webcasts and more! Get everything you need to get up to
speed, fast. http://ads.osdn.com/?ad_idt77&alloc_id�492&op=click
_______________________________________________
Openca-Users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/openca-users
