[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]


so after wrestling with a mass of linking problems I seem to finally 
have openssl, heimdal, opensc, and soft-pkcs11 all built with debugging 
and without optimization(YAY!). now however I'm still having some 
trouble getting it all to work.

when I run "kinit -C 

I get the following error:
kinit: krb5_get_init_creds: Can't decrypt key: error:2A008404:PKCS11 
library:PKCS11_rsa_decrypt:Not supported

now this seems to be a case of openssl trying to use the engine that was 
loaded to decrypt something which soft-pkcs11 does not do. Is this 
supposed to fail in this way?

Love, I notice that you have this error on your pkinit for heimdal page. 
Is it currently possible to use soft-pkcs11 with heimdal pkinit?

Just fyi I'm using heimdal-20050927, opensc-0.9.6, openssl-0.9.8, and 

(I could have sworn I saw this work once, but then again I might just be 
completely halucinating after spending 3 out of the last four days on 
this stuff.)