[strongSwan] How to use Strongswan 5.0.1 & Smartcard correctly?
Martin Willi
martin at strongswan.org
Thu Oct 11 17:28:31 CEST 2012
Hi Gerald,
> : PIN %smartcard:70ee000003ef %prompt
> [...] pkcs11_public_key_connect later on fails.
Does your token contain a public key object that is readable without
login? Does this public key have the same CKA_ID keyid as the associated
private key?
This is required to find the correct module and slot before login. If it
isn't the case, you might try to specify module and slot explicitly (man
ipsec.secrets for syntax details). This way the login is enforced
without checking for a public key, so make sure to select the right
module and token.
Regards
Martin
More information about the Users
mailing list