read cert from smart card
Mithat Bozkurt
mithatbozkurt at gmail.com
Wed Feb 24 23:15:29 PST 2016
mithat at adige:~$ p11tool -v
p11tool 3.3.15
Copyright (C) 2000-2015 Free Software Foundation, and others, all
rights reserved.
This is free software. It is licensed for use, modification and
redistribution under the terms of the GNU General Public License,
version 3 or later <http://gnu.org/licenses/gpl.html>
mithat at adige:~$ p11tool -d 4 --export
'pkcs11:serial=0036218D34081A32;object=62917107586NES0;type=cert'
Setting log level to 4
|<2>| p11: Initializing module: p11-kit-trust
|<2>| p11: Initializing module: akis
|<2>| p11: Initializing module: gnome-keyring
|<3>| ASSERT: pkcs11.c:503
|<2>| Initializing PKCS #11 modules
|<2>| p11: Skipped object, missing attrs.
|<3>| ASSERT: pkcs11.c:1758
|<3>| ASSERT: pkcs11.c:1685
|<3>| ASSERT: pkcs11.c:1824
Error in pkcs11_export:257: The requested data were not available.
I don't understand why I export cert to file. I think device should
block this action because this is my e-signature cert.
2016-02-25 8:57 GMT+02:00 Nikos Mavrogiannopoulos
<n.mavrogiannopoulos at gmail.com>:
> On Wed, Feb 24, 2016 at 2:19 PM, Mithat Bozkurt <mithatbozkurt at gmail.com> wrote:
>> I am running on ubuntu
>>
>> mithat at adige:/etc/pkcs11/modules$ p11tool --export
>> 'pkcs11:serial=0036218D34081A32;object=62917107586SIGN0;type=cert' |
>> openssl x509 -noout -text
>> Error in pkcs11_export:257: The requested data were not available.
>> unable to load certificate
>> 139988361840272:error:0906D06C:PEM routines:PEM_read_bio:no start
>> line:pem_lib.c:701:Expecting: TRUSTED CERTIFICATE
>
> Could you add the -d 4 parameters to p11tool export command, and also
> mention the version of p11tool (output of p11tool --version)?
>
>
> regards,
> Nikos
More information about the openconnect-devel
mailing list