[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: pkinit with smartcard
How is the card configured, does the private key allow both
encryption and signing ?
You can get more info about the existance of the private key and some
hxtool print --info PKCS11:/...
11 dec 2006 kl. 19.53 skrev Olga Kornievskaia:
> after applying the patch i got:
> kinit: krb5_get_init_creds: Failed to unenvelope CMS data in PK-
> INIT reply: No private key decrypted the transfer key; Failed to
> decrypt with certificate issued by CN=CITI Production
> KCA,O=University of Michigan,L=Ann Arbor,22.214.171.124=Michigan,C=US with
> serial number 0107BA; Failed to decrypt using private key: -1
> Love Hörnquist Åstrand wrote:
>> 11 dec 2006 kl. 19.17 skrev Olga Kornievskaia:
>>> pkcs11 module release while session in use
>> Ok, so I assume it failes signing or encryption. This should take
>> way the abort
>> and show the real error
>> If this isn't the problem, please put a breakpoint in p11_get_session
>> to find where the last get_session occur before the abourt.