On 04 Aug 2019, at 01:56, Viktor Dukhovni <openssl-users@xxxxxxxxxxxx> wrote: > An RSA signature verification operation (block type 01) failed, > typically because the public used to check the signature does > not match the private key used to sign the data. Thanks for confirming this. > Is this a server-side log or a client-side log? If the client is > using the wrong private key or wrong certificate, then I'd expect > to see this type of error on the server. It’s a server side log of httpd linked to openssl. I have a MyEID smartcard with two certs and two keys on it. When the smartcard is used with Firefox and the OpenSC PKCS11 drivers, everything works fine. When the smartcard is used with Windows 10 + Edge and the native manufacturer drivers, the wrong key is chosen for the certificate, and access is denied as above. Regards, Graham —
Attachment:
smime.p7s
Description: S/MIME cryptographic signature