Getting "SSL connection failure: PKCS #11 error." even when supplying the correct CA file

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 28/04/17 12:17, David Woodhouse wrote:
>
>> And it had worked before? for like 2 days before it started failing for
>> everyone using this client certificate provider and VPN gateway on
>> Linux. The smartcards haven't changed, so it must be some external factor.
> What is the PKCS#11 provider module you're using? 
It's a gemalto middleware, version 7.2.0-b04:

> gemalto: /usr/lib/pkcs11/libgclib.so
>     library-description: PKCS#11 Cryptoki Multiplexer
>     library-manufacturer: Gemplus
>     library-version: 5.1

> It's possible that something in the exchange over the network is
> causing us to trigger a latent bug... hard to say before we see more
> debugging info really.
>
> We should also try with pkcs11-spy.

OK, I will try to get both some debugging output from pkcs11-spy and
--gnutls-debug over the next few days.

Thanks for the help so far!
David

-- 
TenTwentyFour S.? r.l.
W: www.tentwentyfour.lu
T: +352 20 211 1024
F: +352 20 211 1023
9 av. des Hauts-Fourneaux
4362 Esch-sur-Alzette


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <http://lists.infradead.org/pipermail/openconnect-devel/attachments/20170428/9af8343d/attachment.sig>


[Index of Archives]     [Linux Samsung SoC]     [Linux Rockchip SoC]     [Linux Actions SoC]     [Linux for Synopsys ARC Processors]     [Linux NFS]     [Linux NILFS]     [Linux USB Devel]     [Video for Linux]     [Linux Audio Users]     [Yosemite News]     [Linux Kernel]     [Linux SCSI]


  Powered by Linux