|[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]|
The problem I was having seems to be thread based. I could connect, but as soon as I sent a request in Firefox my browser would attempt multiple connections across the stunnel and that would seem to cause threading issues in coolkey and the session would reset. I fixed this by setting this about:config option in Firefox:
network.http.max-persistent-connections-per-proxy to 1Once I had that I could browse internally with no problems since Firefox would only ever use one stunnel connection at a time. That is until I tried going to an internal webserver that required client certificate authentication. Then my system would be trying to access the CAC card for the stunnel and the webserver. When I did that I saw these error messages.
From my stunnel client:2008.03.10 14:33:44 LOG3[4830:0]: error stack: 14099004 : error:14099004:SSL routines:SSL3_SEND_CLIENT_VERIFY:RSA lib 2008.03.10 14:33:44 LOG3[4830:0]: SSL_connect: 8000A032: error:8000A032:Vendor defined:PKCS11_rsa_sign:Device removed
And from # pcscd -adf ... 00000026 ifdhandler.c:1278:IFDHICCPresence() Card present00043562 winscard_msg_srv.c:288:SHMProcessEventsContext() correctly processed client: 9 00000023 winscard_svc.c:747:MSGCheckHandleAssociation() Client failed to authenticate
00356566 ifdhandler.c:1166:IFDHICCPresence() lun: 0Needless to say, some of the most interesting internal sites are the ones that require client authentication. Is this a known limitation of coolkey? Any thoughts on how I can get around this?
-matt _______________________________________________ Coolkey-devel mailing list Coolkey-devel@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/coolkey-devel
[Home] [Fedora Legacy List] [Fedora Maintainers] [Fedora Desktop] [Red Hat 9 Bible] [Fedora Bible] [Fedora SELinux] [Big List of Linux Books] [Yosemite News] [Yosemite Photos] [KDE Users] [Fedora Tools]