Thank you for your answer.
We tried the SunPKCS11 class but the thing is we are trying to access
Firefox's keystore to reach the certificates of a physical token stored in
it.
Apparently the Sun provider cannot deal with physical tokens through
Firefox's keystore. Does that seem plausible to you?
Jean,
On 12/8/2014 02:38, Jean Bave wrote:
Thank you for your answer.
We tried the SunPKCS11 class but the thing is we are trying to access
Firefox's keystore to reach the certificates of a physical token stored in
it.
Apparently the Sun provider cannot deal with physical tokens through
Firefox'
On Mon, 2014-12-08 at 10:15 +, Martinsson Patrik wrote:
> So, to summarize,
> $> sudo update-alternatives --install /usr/lib64/libnssckbi.so
> libnssckbi.so.x86_64 /usr/lib64/p11-kit-proxy.so 1000
>
> $> cat /etc/pki/nssdb/pkcs11.txt
> library=/usr/lib64/p11-kit-proxy.so
> name=p11-kit-proxy
Hello.
I hope this is the right place to post this.
I need to access cryptographic tokens from the browser somehow, in order to
digitally sign data.
As far as I saw, WebCryptoAPI cannot help.
I was hoping for XPCOM or NPAPI, but those seem being dropped too (according
to rumors because yo
On Mon, 2014-12-08 at 13:05 +, David Woodhouse wrote:
> If you fix the unlock-at-login issue then you shouldn't have to disable
> this in any application for which there isn't already a "Does not
> support Protected Authentication Path" bug filed. I.e. evolution.
I just fixed Evolution, FWIW:
On Mon, 2014-12-08 at 13:05 +, David Woodhouse wrote:
> On Mon, 2014-12-08 at 10:15 +, Martinsson Patrik wrote:
> > So, to summarize,
> > $> sudo update-alternatives --install /usr/lib64/libnssckbi.so
> > libnssckbi.so.x86_64 /usr/lib64/p11-kit-proxy.so 1000
> >
> > $> cat /etc/pki/nssd
On Mon, 2014-12-08 at 16:44 +, Martinsson Patrik wrote:
> Well,not really, it turns out that the gnome-settings-daemon loads the
> opensc-module directly from /etc/pki/nssdb. So if I don't import the
> opensc-module in there, gnome-settings-daemon wont recognize
> inserts/removals. I choosed to
On 12/08/2014 05:05 AM, David Woodhouse wrote:
On Mon, 2014-12-08 at 10:15 +, Martinsson Patrik wrote:
So, to summarize,
$> sudo update-alternatives --install /usr/lib64/libnssckbi.so
libnssckbi.so.x86_64 /usr/lib64/p11-kit-proxy.so 1000
$> cat /etc/pki/nssdb/pkcs11.txt
library=/usr/lib64/p
On 12/08/2014 08:59 AM, David Woodhouse wrote:
I still maintain that the path to sanity involves killing
/etc/pki/nssdb entirely, and then you can look at applying *correct*
fixes to whatever's still not behaving correctly.
The whole point of /etc/pki/nssdb is so you have one place to install
9 matches
Mail list logo
