Albert Siersema wrote:
Hello,
The --show-pkcs11-* commands cause the SafeSign PIN code popup to show
before openvpn.exe can access the smartcard.
This is violation of PKCS#11 standard.
Using (--)askpass works fine too when connecting with openvpn but
Does it also popup PIN dialog?
pkcs11-protected-authentication doesn't seem to work:
Mon Oct 31 14:35:04 2005 PKCS#11: Adding PKCS#11 provider 'aetpkss1.dll'
Mon Oct 31 14:35:06 2005 PKCS#11: Cannot set parameters -'CKR_ARGUMENTS_BAD'
Mon Oct 31 14:35:06 2005 Cannot load certificate "........"
PKCS#11 protected authentication is not implemented by most
of PKCS#11 providers, it is used in biometric environment or
when external keypad is available. Are you sure your
provider support protected authentication?
The askpass should be the preferred method.
Beta5 will remove askpass and will ask password unless
protected authentication is requested.
Best Regards,
Alon Bar-Lev.
