[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Google
  Web www.spinics.net

Re: coolkey with stunnel-nss



Jack Magne wrote:
I ran a few tests with my own CAC card and when I do the following:

certutil -L -d ./ -h COOLKEY

The -h specifies the module. It might be instructive to see what your stunnel code is doing. Is it referencing the module?

-h doesn't seem to do anything. I had been always supplying "-h all" but now that you mentioned it I tried "-h coolkey" and "-h foo" and every time I get the same set of certificates listed in the output.

When trying to list a particular certificate , certutil has a -n cert-name option which is the nickname of the cert as printed by certutil.

First try to simply have certutil print out your certificate on the screen. Once you have the name right, you should be good.

-n seems to work in the same way:

$ certutil -L -d ~/.nssdb -h foo -n foo

Certificate Nickname Trust Attributes

SSL,S/MIME,JAR/XPI

Enter Password or Pin for "Matt R Anderson":
ClassB                                                       P,P,P
HPQ-CA                                                       T,c,c
ClassA                                                       u,u,u
Matt R Anderson:CAC ID Certificate                           u,u,u

It seems like "Matt R Anderson" would be the nickname that I should list in the stunnel config file, but when I do that I get this error message:

2008.08.20 14:36:18 LOG7[21014:142554448]: Certificate: "Matt R Anderson"
2008.08.20 14:36:18 LOG3[21014:142554448]: PK11_FindCertFromNickname: Unknown code ___f 18(-8174,0)


-matt

_______________________________________________
Coolkey-devel mailing list
Coolkey-devel@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/coolkey-devel

[Home]     [Fedora Legacy List]     [Fedora Maintainers]     [Fedora Desktop]     [Red Hat 9 Bible]     [Fedora Bible]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]

Powered by Linux

Google
  Web www.spinics.net