CAC modules
Mcclelland, Michael B Mr CTR USN USA
michael.b.mcclelland at us.army.mil
Mon Jul 16 17:32:48 EDT 2012
The --version command is report 3.15
-----Original Message-----
From: mike.t.miller at gmail.com [mailto:mike.t.miller at gmail.com] On Behalf Of Mike Miller
Sent: Monday, July 16, 2012 3:26 PM
To: Mcclelland, Michael B Mr CTR USN USA
Cc: David Woodhouse; openconnect-devel at lists.infradead.org
Subject: Re: CAC modules
On Mon, Jul 16, 2012 at 1:17 PM, Mcclelland, Michael B Mr CTR USN USA wrote:
> I've almost got things working on Ubuntu but I'm having the same issue
> I did under fedora with the tokens being visible via p11tool but the
> Openconnect client not being able to pull them. LIBGNUTLS28-DEV is
> installed.
Are you installing binaries from my PPA now or are you still building from source? Are you still working with 4.04 or have you switched to
4.05 since that was released?
> view at view-virtual-machine:~$ sudo p11tool --list-certs --login [...]
> view at view-virtual-machine:~$ openconnect -c
> 'pkcs11:token=MCCLELLAND.MICHAEL.BLAIR.1250312;id=%00%03;object=CAC%20
> Email%20Encryption%20Certificate' https://server.domain Attempting to
> connect to 198.253.24.115:443 Failed to open certificate file pkcs11:token=MCCLELLAND.MICHAEL.BLAIR.1250312;id=%00%03;object=CAC%20Email%20Encryption%20Certificate: No such file or directory Loading certificate failed. Aborting.
> Failed to open HTTPS connection to server.domain Failed to obtain
> WebVPN cookie
This looks like OpenConnect is using OpenSSL for the certificate argument rather than GnuTLS. What does 'openconnect --version' display?
--
mike
More information about the openconnect-devel
mailing list