On Mon, Jul 16, 2012 at 1:17 PM, Mcclelland, Michael B Mr CTR USN USA wrote: > I've almost got things working on Ubuntu but I'm having the same issue > I did under fedora with the tokens being visible via p11tool but the > Openconnect client not being able to pull them. LIBGNUTLS28-DEV is > installed. Are you installing binaries from my PPA now or are you still building from source? Are you still working with 4.04 or have you switched to 4.05 since that was released? > view at view-virtual-machine:~$ sudo p11tool --list-certs --login > [...] > view at view-virtual-machine:~$ openconnect -c 'pkcs11:token=MCCLELLAND.MICHAEL.BLAIR.1250312;id=%00%03;object=CAC%20Email%20Encryption%20Certificate' https://server.domain > Attempting to connect to 198.253.24.115:443 > Failed to open certificate file pkcs11:token=MCCLELLAND.MICHAEL.BLAIR.1250312;id=%00%03;object=CAC%20Email%20Encryption%20Certificate: No such file or directory > Loading certificate failed. Aborting. > Failed to open HTTPS connection to server.domain > Failed to obtain WebVPN cookie This looks like OpenConnect is using OpenSSL for the certificate argument rather than GnuTLS. What does 'openconnect --version' display? -- mike
