On Wed, 2012-07-11 at 16:35 -0400, Mcclelland, Michael B Mr CTR USN USA wrote: > So if I understand you right... > out of the full: > pkcs11:library-description=CoolKey%20PKCS%20%2311%20Module%20%20%20%20%20%00%00%00;library-manufacturer=Mozilla%20Foundation;model=%20;manufacturer=%20;serial=%20;token=MCCLELLAND.MICHAEL.BLAIR.1250312;id=%00%03;object=CAC%20Email%20Encryption%20Certificate;object-type=private > > I just use > Pkcs11: CoolKey%20PKCS%20%2311%20Module%20%20%20%20%20%00%00%00 > > Sorry for asking to be spoon fed. I have very limited attempts to login before my card locks itself It doesn't *hurt* to use the whole thing, but you ought to get away with just pkcs11:id=%00%03;object=CAC%20Email%20Encryption%20Certificate Hopefully your token shouldn't lock you out just for using an object that doesn't exist; only if you get the PIN wrong? -- dwmw2 -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 6171 bytes Desc: not available URL: <http://lists.infradead.org/pipermail/openconnect-devel/attachments/20120711/41e4be20/attachment.bin>
