Hi David, Thanks for you answer! >It *might* be the case that PKCS#11 support is easier in GNUTLS. But I >suspect the majority of your pain is going to be on the OpenSC side >anyway. I am fairly new to opensc and the use of smart cards but it seemed actually pretty straight forward to get it to work. I followed some of the documentation here: http://www.gooze.eu/tutorials And here is an example of the pkcs11 engine working with stunnel: http://www.gooze.eu/howto/using-stunnel-with-smart-cards If you are interested in supporting smartcard tokens in openconnect I would be happy to contribute to the project by donating a card and a reader (I can probably ship it to you if you want to give me a post address off list). /Tony
