|
|
| [Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] |
Robert Relyea wrote:
Matt Anderson wrote:Robert Relyea wrote:The name of your coolkey module is "Matt R Anderson" The nickname of your cert is either: "Matt R Anderson:CAC ID Certificate"Ohh.. that worked! When I give certutil the option -h "Matt R Anderson" I only see the certificate on the token. Same thing when I only give it -n "Matt R Anderson:CAC ID Certificate".Did cerutil -n actually list your certificate, or did it fail?(certutil -L -d /home/mra/.nssdb -n "Matt R Anderson:CAC ID Certificate" should actually print the certificate out).
That prints out my certificate.
When I try listing "Matt R Anderson:CAC ID Certificate" as my cert in the stunnel.conf file however I still get the same sort of error.2008.08.20 15:01:31 LOG7[22137:139871568]: Certificate: "Matt R Anderson:CAC ID Certificate" 2008.08.20 15:01:31 LOG3[22137:139871568]: PK11_FindCertFromNickname: Unknown code ___f 65(-8127,0)The error code is: SEC_ERROR_NO_TOKEN = (SEC_ERROR_BASE + 65)My current theory is that stunnel is not openning up your coolkey device. It may be because it is opening a different NSS database.
I don't think that's the case. I did an strace and the only NSS-like database open that I saw was this one
open("/home/mra/.nssdb/secmod.db", O_RDONLY) = 4
Which is the right location. I can use stunnel to make use of other
certifcates loaded into my NSS db, just not the one on my CAC cards.
-matt _______________________________________________ Coolkey-devel mailing list Coolkey-devel@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/coolkey-devel
[Home] [Fedora Legacy List] [Fedora Maintainers] [Fedora Desktop] [Red Hat 9 Bible] [Fedora Bible] [Fedora SELinux] [Big List of Linux Books] [Yosemite News] [Yosemite Photos] [KDE Users] [Fedora Tools]
