openconnect with Belgian EID
Christof Haerens
christof at haerens.be
Fri Nov 15 10:50:02 EST 2013
David,
I'm currently using f18 x86_64.
tried your binary, but I'm missing 1 lib:
$ ldd openconnect-f19-x64-cert-chain-from-p11|grep found
libtasn1.so.6 => not found
I have libtasn1 installed, but seems mine is a bit older
$ locate libtasn1.so
/usr/lib/libtasn1.so.3
/usr/lib/libtasn1.so.3.2.0
/usr/lib64/libtasn1.so
/usr/lib64/libtasn1.so.3
/usr/lib64/libtasn1.so.3.2.0
Christof
On 11/15/2013 12:46 PM, David Woodhouse wrote:
> On Fri, 2013-11-15 at 11:34 +0000, David Woodhouse wrote:
>> Christof, what distribution are you using?
>> Perhaps I can give you a statically linked version (with newer
>> libnettle, newer gnutls, etc.) to test and make sure this works
>> correctly?
> http://david.woodhou.se//openconnect-f19-x64-cert-chain-from-p11
> sha1sum 36ff645e63b23974cd0d55c9cb1f888d3fbcf3eb
>
> It should attempt to pull the issuer cert from PKCS#11 in the same way
> that Nikos' code was trying to do it. Please remember to remove the
> required cert from your --cafile argument (and perhaps check that the
> original openconnect is failing as expected), before reporting that it
> works! :)
>
>
>
> _______________________________________________
> openconnect-devel mailing list
> openconnect-devel at lists.infradead.org
> http://lists.infradead.org/mailman/listinfo/openconnect-devel
More information about the openconnect-devel
mailing list