Hi!
Albert Siersema wrote:
Hello Alon,
Using (--)askpass works fine too when connecting with openvpn but
Does it also popup PIN dialog?
No, it reads from stdin which makes it impossible to run openvpn as a
MSWindows service.
Strange... I don't understand what is the difference between
the --show-pkcs11-* and the --askpass...
Just to make sure... --show-pkcs11-slots prompt for PIN???
I was hoping the pkcs11 code would be helpful in that department as using
the cryptoapi and running as a service won't work. Probably because the
service runs as System and tries to retrieve it from the wrong cert store.
Running the service as another user won't help either ?! :-(
But it does!
Use the management interface.
Put the following in your configuration file:
management hold
management 127.0.0.1 8887
management-query-passwords
Now start your service.
Insert your smartcard.
Run "telnet localhost 8887"
Enter the following commands:
hold release
password "XXXX token" pin
I will write a simple perl script that does it for you soon...
Best Regards,
Alon Bar-Lev.
