List Info

Thread: pam_pkcs11 issue
pam_pkcs11 issue
user name
 2007-10-19 09:08:05 

  


  

    





Greets guys,






I am setting up smartcard logon
under Suse 10 Enterprise Linux Desktop based on Aladdin eToken. I have
installed everything fine. I have copied the CA certificate ( in DER format )
in /etc/pam_pkcs11/cacerts directory, issued the make_hash_links.sh, configured
pam.d to use the pam_pkcs11 module. When I try to login however, I receive the
following error:






DEBUG:cert_vfy.c:282: Adding hashdir lookup to x509_store



DEBUG:cert_vfy.c:294: Adding hash dir
'/etc/pam_pkcs11/cacerts' to CACERT checks






DEBUG:pkcs11_inspect.c:132:
verify_certificate() failed: certificate is invalid: unable to get local issuer
certificate







 



Note: I paste the output from pkcs11_inspect which is the
same as the one during the login process, but as I cannot copy from the console
directly ( I am running the linux under vmware ) I apply this log output. May
be I am missing something. I ran pkcs11_listcerts and used the Sujbect line for
the mapping file. I just cannot find what the error may be. Any help would be
greatly appreciated. 





Best Regards,


Lyuben R. Bahtarliev

System Integration Specialist

Aladdin Ltd. eToken Certified Engineer



Mobile: 
+359897975706


 Office:  +35929434647

   Fax:   +35929441523

   ; Icq:   21261028





01C81272.9D68EC50">



 






  

  
  
    
 
      
    

    
    
 
      View Original Image
    

    
   
     
    






 [1]











   
 





about | contact  Other archives ( Real Estate discussion Medical topics )