[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: pkinit with smartcard

To: Olga Kornievskaia <aglo@citi.umich.edu>
Subject: Re: pkinit with smartcard
From: Love Hörnquist Åstrand <lha@kth.se>
Date: Mon, 11 Dec 2006 20:21:56 +0100
Cc: heimdal-discuss@sics.se
In-Reply-To: <457DA940.7070501@citi.umich.edu>
References: <457A1780.1060403@citi.umich.edu> <5D26DA27-544D-476D-98D8-00F3F678007C@kth.se> <457CEAF6.9090804@citi.umich.edu> <F198E282-26B1-47AD-B54C-10981CC7195F@kth.se> <457DA0C7.3080009@citi.umich.edu> <621376BC-EDEE-4CA1-89C8-AE1A0FFBCDB1@kth.se> <457DA940.7070501@citi.umich.edu>
Sender: owner-heimdal-discuss@sics.se

How is the card configured, does the private key allow both  
encryption and signing ?

You can get more info about the existance of the private key and some  
certificate
by using.

hxtool print --info  PKCS11:/...

Love

11 dec 2006 kl. 19.53 skrev Olga Kornievskaia:

> after applying the patch i got:
> kinit: krb5_get_init_creds: Failed to unenvelope CMS data in PK- 
> INIT reply: No private key decrypted the transfer key; Failed to  
> decrypt with certificate issued by CN=CITI Production  
> KCA,O=University of Michigan,L=Ann Arbor,2.5.4.8=Michigan,C=US with  
> serial number 0107BA; Failed to decrypt using private key: -1
>
>
> Love Hörnquist Åstrand wrote:
>>
>> 11 dec 2006 kl. 19.17 skrev Olga Kornievskaia:
>>
>>> pkcs11 module release while session in use
>>
>> Ok, so I assume it failes signing or encryption. This should take  
>> way the abort
>> and show the real error
>>
>> http://people.su.se/~lha/patches/heimdal/hx509-fail-put.txt
>>
>> If this isn't the problem, please put a breakpoint in p11_get_session
>> to find where the last get_session occur before the abourt.
>>
>> Love
>>
>>
>>

Follow-Ups:
- Re: pkinit with smartcard
  - From: Olga Kornievskaia <aglo@citi.umich.edu>

References:
- pkinit with smartcard
  - From: Olga Kornievskaia <aglo@citi.umich.edu>
- Re: pkinit with smartcard
  - From: Love Hörnquist Åstrand <lha@kth.se>
- Re: pkinit with smartcard
  - From: Olga Kornievskaia <aglo@citi.umich.edu>
- Re: pkinit with smartcard
  - From: Love Hörnquist Åstrand <lha@kth.se>
- Re: pkinit with smartcard
  - From: Olga Kornievskaia <aglo@citi.umich.edu>
- Re: pkinit with smartcard
  - From: Love Hörnquist Åstrand <lha@kth.se>
- Re: pkinit with smartcard
  - From: Olga Kornievskaia <aglo@citi.umich.edu>

Prev by Date: Re: pkinit with smartcard
Next by Date: Re: pkinit with smartcard
Prev by thread: Re: pkinit with smartcard
Next by thread: Re: pkinit with smartcard
Index(es):
- Date
- Thread