Matt Anderson wrote:
Sounds like stunnel isn't loading the pkcs #11 module. Do you know where stunnel is opening it's certDB?Jack Magne wrote:Matt: You can try the following to get some debug info from CoolKey. 1. In the terminal from which you launch your app do: export COOL_KEY_LOG_FILE=/tmp/cool.txt 2. Run your program. 3. After it fails take a look at /tmp/cool.txt, it may have some clues.Unfortunately this file is empty when I try to use stunnel with coolkey. Which suggests to me that NSS isn't getting far enough to even query the coolkey module for my certificate.However when I run certutil I don't always have access to my certificate on my CAC card. Half the time it prompts me for my "CoolKey" password, the other time (when it works) it prompts me for the "Matt R Anderson" pin. I've attached those two log files so you can see them.-matt
bob
------------------------------------------------------------------------ Initialize called, hello 5 C_GetInfo called C_GetSlotList called calling IsConnected card changed cleared all sessions time connect: Connect Time 401 ms time connect: Read Slot 401 ms time connect: connection status 401 ms time connnect: Begin transaction 401 ms CoolKey Select failed 0x6 CAC Cert 0: select CAC applet: 72 ms CAC Cert 0: fetch CAC Cert: 121 ms CAC Cert 0: Fetch rest : 560 ms CAC Cert 0: Cert has been read: 560 ms CAC Cert 0: Cert has been uncompressed: 560 ms refreshTokenState: Failed to load objects. isTokenPresent, card state is 0x3e C_GetSlotList called calling IsConnected IsConnected returned false isTokenPresent, card state is 0x3e Called C_GetSlotInfo calling IsConnected IsConnected returned false isTokenPresent, card state is 0x3e C_GetTokenInfo called calling IsConnected IsConnected returned false isTokenPresent, card state is 0x3e C_GetMechanismList called calling IsConnected IsConnected returned false isTokenPresent, card state is 0x3e C_GetMechanismList returning 0 C_GetMechanismList called calling IsConnected IsConnected returned false isTokenPresent, card state is 0x3e C_GetMechanismList returning 0 C_OpenSession called calling IsConnected IsConnected returned false isTokenPresent, card state is 0x3e C_FindObjectsInit called, 1 templates template [00] type: 0000, pValue: bf8cbe8c, ulValueLen: 00000004, value: 3461563220 calling IsConnected IsConnected returned false C_FindObjects called, max objects = 1 calling IsConnected IsConnected returned false returned 0 objects: Called C_GetSlotInfo calling IsConnected IsConnected returned false isTokenPresent, card state is 0x3e C_GetSessionInfo called calling IsConnected IsConnected returned false C_GetSessionInfo called calling IsConnected IsConnected returned false C_Login called calling IsConnected IsConnected returned false Called C_GetSlotInfo calling IsConnected IsConnected returned false isTokenPresent, card state is 0x3e C_GetSessionInfo called calling IsConnected IsConnected returned false C_FindObjectsInit called, 2 templates template [00] type: 0001, pValue: 0355df58, ulValueLen: 00000001 template [01] type: 0000, pValue: 0355df5c, ulValueLen: 00000004, value: 1 calling IsConnected IsConnected returned false C_FindObjects called, max objects = 16 calling IsConnected IsConnected returned false returned 0 objects: C_GetSessionInfo called calling IsConnected IsConnected returned false C_FindObjectsInit called, 2 templates template [00] type: 0001, pValue: 0355df58, ulValueLen: 00000001 template [01] type: 0000, pValue: bf8cbe38, ulValueLen: 00000004, value: 3461563219 calling IsConnected IsConnected returned false C_FindObjects called, max objects = 10 calling IsConnected IsConnected returned false returned 0 objects: C_CloseAllSessions(0x1) called Finalizing...------------------------------------------------------------------------Initialize called, hello 5 C_GetInfo called C_GetSlotList called calling IsConnected card changed cleared all sessions time connect: Connect Time 400 ms time connect: Read Slot 400 ms time connect: connection status 401 ms time connnect: Begin transaction 401 ms CoolKey Select failed 0x6 CAC Cert 0: select CAC applet: 72 ms CAC Cert 0: fetch CAC Cert: 149 ms CAC Cert 0: Cert has been read: 149 ms CAC Cert 0: Cert has been uncompressed: 149 ms CAC Cert 1: select CAC applet: 77 ms CAC Cert 2: select CAC applet: 73 ms isTokenPresent, card state is 0x3e C_GetSlotList called calling IsConnected IsConnected returned false isTokenPresent, card state is 0x3e Called C_GetSlotInfo calling IsConnected IsConnected returned false isTokenPresent, card state is 0x3e C_GetTokenInfo called calling IsConnected IsConnected returned false isTokenPresent, card state is 0x3e C_GetMechanismList called calling IsConnected IsConnected returned false isTokenPresent, card state is 0x3e C_GetMechanismList returning 0 C_GetMechanismList called calling IsConnected IsConnected returned false isTokenPresent, card state is 0x3e C_GetMechanismList returning 0 C_OpenSession called calling IsConnected IsConnected returned false isTokenPresent, card state is 0x3e C_FindObjectsInit called, 1 templates template [00] type: 0000, pValue: bfc4e20c, ulValueLen: 00000004, value: 3461563220 calling IsConnected IsConnected returned false C_FindObjects called, max objects = 1 calling IsConnected IsConnected returned false returned 0 objects: Called C_GetSlotInfo calling IsConnected IsConnected returned false isTokenPresent, card state is 0x3e C_GetSessionInfo called calling IsConnected IsConnected returned false C_GetSessionInfo called calling IsConnected IsConnected returned false C_Login called calling IsConnected IsConnected returned false Called C_GetSlotInfo calling IsConnected IsConnected returned false isTokenPresent, card state is 0x3e C_GetSessionInfo called calling IsConnected IsConnected returned false C_FindObjectsInit called, 2 templates template [00] type: 0001, pValue: 0355df58, ulValueLen: 00000001 template [01] type: 0000, pValue: 0355df5c, ulValueLen: 00000004, value: 1 calling IsConnected IsConnected returned false C_FindObjectsInit found matching object 0x00000600 C_FindObjects called, max objects = 16 calling IsConnected IsConnected returned false returned 1 objects: 0x00000600 C_GetAttributeValue called, 2 templates for object 0x00000600 template [00] type: 0001, pValue: 00000000, ulValueLen: 00000000 template [01] type: 0003, pValue: 00000000, ulValueLen: 00000000 calling IsConnected IsConnected returned false template [00] type: 0001, pValue: 00000000, ulValueLen: 00000001 template [01] type: 0003, pValue: 00000000, ulValueLen: 00000012 C_GetAttributeValue called, 2 templates for object 0x00000600 template [00] type: 0001, pValue: 09073b48, ulValueLen: 00000001 template [01] type: 0003, pValue: 09071c28, ulValueLen: 00000012 calling IsConnected IsConnected returned false template [00] type: 0001, pValue: 09073b48, ulValueLen: 00000001 template [01] type: 0003, pValue: 09071c28, ulValueLen: 00000012 C_GetAttributeValue called, 1 templates for object 0x00000600 template [00] type: 0011, pValue: 00000000, ulValueLen: 00000000 calling IsConnected IsConnected returned false template [00] type: 0011, pValue: 00000000, ulValueLen: 000006ac C_GetAttributeValue called, 1 templates for object 0x00000600 template [00] type: 0011, pValue: 09080698, ulValueLen: 000006ac calling IsConnected IsConnected returned false template [00] type: 0011, pValue: 09080698, ulValueLen: 000006ac C_GetSessionInfo called calling IsConnected IsConnected returned false C_FindObjectsInit called, 2 templates template [00] type: 0001, pValue: 0355df58, ulValueLen: 00000001 template [01] type: 0000, pValue: bfc4e1b8, ulValueLen: 00000004, value: 3461563219 calling IsConnected IsConnected returned false C_FindObjects called, max objects = 10 calling IsConnected IsConnected returned false returned 0 objects: C_GetAttributeValue called, 2 templates for object 0x00000600 template [00] type: 0102, pValue: 00000000, ulValueLen: 00000000 template [01] type: 0000, pValue: 00000000, ulValueLen: 00000000 calling IsConnected IsConnected returned false template [00] type: 0102, pValue: 00000000, ulValueLen: 00000002 template [01] type: 0000, pValue: 00000000, ulValueLen: 00000004 C_GetAttributeValue called, 2 templates for object 0x00000600 template [00] type: 0102, pValue: 09081ef0, ulValueLen: 00000002 template [01] type: 0000, pValue: 09081ef8, ulValueLen: 00000004, value: 151468600 calling IsConnected IsConnected returned false template [00] type: 0102, pValue: 09081ef0, ulValueLen: 00000002 template [01] type: 0000, pValue: 09081ef8, ulValueLen: 00000004, value: 1 C_FindObjectsInit called, 2 templates template [00] type: 0102, pValue: 09081ef0, ulValueLen: 00000002 template [01] type: 0000, pValue: 09081ef8, ulValueLen: 00000004, value: 3 calling IsConnected IsConnected returned false C_FindObjectsInit found matching object 0x00000400 C_FindObjects called, max objects = 1 calling IsConnected IsConnected returned false returned 1 objects: 0x00000400 C_CloseAllSessions(0x1) called Finalizing...------------------------------------------------------------------------_______________________________________________ Coolkey-devel mailing list Coolkey-devel@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/coolkey-devel
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ Coolkey-devel mailing list Coolkey-devel@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/coolkey-devel