CAC modules
David Woodhouse
dwmw2 at infradead.org
Wed Jul 11 16:24:35 EDT 2012
On Tue, 2012-07-10 at 17:14 -0400, Mcclelland, Michael B Mr wrote:
> But I didn't expect to see that my build of openconnect lacked pkcs
> support
I've now got a 12.04 VM so I can test this. It seems to have two
versions of GnuTLS available. Which did you have?
With 'libgnutls-dev', OpenConnect should refuse to build — that's
version 2.12.14 and is too old.
With 'libgnutls28-dev', which is version 3.0.11, things should work
fine. It *does* have PKCS#11 support and your token ought to work,
although you want libssl-dev installed too to make sure you get DTLS
(UDP transport) support.
Did you build your *own* GnuTLS? If so, you need to have libp11-kit-dev
installed first. Then it should be fine. Use GnuTLS 3.0.21, and you
don't need libssl-dev.
--
dwmw2
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 6171 bytes
Desc: not available
URL: <http://lists.infradead.org/pipermail/openconnect-devel/attachments/20120711/5e8f372d/attachment-0001.bin>
More information about the openconnect-devel
mailing list