|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: [Muscle] CAC - Almost there
From: David Corcoran (corcoran
identityalliance.com)
Date: Thu Jan 06 2005 - 10:02:27 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Michael,
I would suggest using the pkcs11rc file (contained in the PKCS#11 code)
and turning logging to LOW (log low priority messages)
This will create a PKCS11.log file which can be used to determine the
problem ...
bsiPlugin.bundle and commonAccessCard.bundle are two different animals
- although they have similar API's .....
Thanks,
Dave
On Jan 6, 2005, at 10:49 AM, Michael Olson wrote:
> I'm trying to get a CAC card in use under Fedora Core 3.
>
> What I'd like to get going altogether is
>
> Working on Web Client Side Authentication first, I have
> an ActiveCard USB Reader (v2) and a Schlumberger Access 32K V2.
>
> Using PCSC-Lite 1.2.0 and CCID 0.4.1 I seem to have no
> problems reading the card. I can see it inserted and get my ATR.
>
> I built commonAccessCard.bundle from Darwin and
> muscleframework 1.1.5, associated it with bundleTool and
> XCardII 0.9.9 can see the card.
>
> Next up I built libmusclepkcs11.so and loaded it into
> FireFox 1.0 and tried hitting a client side authenticated
> page. It prompted me to unlock the card, accepted my pin,
> and then gave me a list of certificates to use.
>
> This is where things stopped working though. I tried all the
> certificates listed but can not view the page. (Error establishing
> an encrypted connection to xxx.navy.mil. Error Code: -12222.)
>
> I tried using bsiPlugin.bundle from ActiveCard Gold 1.0. It seems
> to work pretty much identically to commonAccessCard.bundle so I
> also tried using libpkcs11.so with it. Firefox wouldn't even load it.
>
> I've switched back to commonAccessCard.bundle and libmusclepkcs11.so
> but have no idea what to do to debug things at this point.
>
> Any recommendations?
>
> Thank You,
> Michael
> _______________________________________________
> Muscle mailing list
> Musclelists.musclecard.com
> http://lists.drizzle.com/mailman/listinfo/muscle
>
>
------------------------------------------------------------------------
------------
David Corcoran corcoranidentityalliance.com
Identity Alliance http://www.identityalliance.com
Smart Cards, Biometrics, Training, Identity Management
------------------------------------------------------------------------
-------------
_______________________________________________
Muscle mailing list
Musclelists.musclecard.com
http://lists.drizzle.com/mailman/listinfo/muscle
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]