CentOS 7, In firefox -> privacy & security -> certificates -> security devices i am trying to load the pkcs11 modules, but get the error unable to load. I am following the directions at https://piv.idmanagement.gov/engineering/firefox/ I have installed opensc and openssl-pkcs11, which contains /usr/lib64/openssl/engines/pkcs11.so and am using that is the module Has anybody here done that, and can offer advice? Tony Schreiner
On Thu, Apr 2, 2020 at 12:47 PM Tony Schreiner <anthony.schreiner at bc.edu> wrote:> CentOS 7, In firefox -> privacy & security -> certificates -> security > devices > i am trying to load the pkcs11 modules, but get the error unable to load. > > I am following the directions at > https://piv.idmanagement.gov/engineering/firefox/ > > I have installed opensc and openssl-pkcs11, which > contains /usr/lib64/openssl/engines/pkcs11.so > and am using that is the module > > Has anybody here done that, and can offer advice? >Answering myself, though not completely solved. I should have instead been loading /usr/lib64/opensc-pksc11.so
nschehovin at yahoo.com
2020-Apr-05 20:27 UTC
[CentOS] firefox unable to load pkcs11 module
Hi Tony, Have you solved this problem yet?I took another approach and used CACkey which supportsUS Government PIV cards including the CAC.? In my case I set it up on Linux Mint but there is an rpm version of CACKey for 32 or 64 bit Centos.Here is the process I went through. - setup CAC card by following instructions on: https://help.ubuntu.com/community/CommonAccessCard sudo apt-get install libpcsclite1 pcscd pcsc-tools - download CACkey from https://cackey.rkeene.org/fossil/index sudo dpkg -i cackey_0.7.5-1_amd64.deb The above command failed with: "dpkg: error processing archive cackey_0.7.5-1_amd64.deb (--install): ?unable to create '/libcackey.so.dpkg-new' (while processing './usr/lib64/libcackey.so'): No such file or directory dpkg-deb: error: paste subprocess was killed by signal (Broken pipe) Errors were encountered while processing: ?cackey_0.7.5-1_amd64.deb" - as root I created the directory /usr/lib64 and ran the command again!!!!!!It Worked!!!!!!! - ran command pcsc_scan and it found my CAC - had to manually install the DoD root certificates - certificates were manually installed one at a time for both Thunderbird and Firefox It turned out to be much easier than I thought it would to get my PIV working on a Linux machine. Hope that helps.Ed On Thursday, April 2, 2020, 1:37:32 PM EDT, Tony Schreiner <anthony.schreiner at bc.edu> wrote: On Thu, Apr 2, 2020 at 12:47 PM Tony Schreiner <anthony.schreiner at bc.edu> wrote:> CentOS 7, In firefox -> privacy & security -> certificates -> security > devices > i am trying to load the pkcs11 modules, but get the error? unable to load. > > I am following the directions at > https://piv.idmanagement.gov/engineering/firefox/ > > I have installed opensc and openssl-pkcs11, which > contains /usr/lib64/openssl/engines/pkcs11.so > and am using that is the module > > Has anybody here done that, and can offer advice? >Answering myself, though not completely solved. I should have instead been loading /usr/lib64/opensc-pksc11.so _______________________________________________ CentOS mailing list CentOS at centos.org https://lists.centos.org/mailman/listinfo/centos
Apparently Analagous Threads
- firefox unable to load pkcs11 module
- Firefox fails to authenticate .mil sites with New DoD CAC
- Why still no PKCS#11 ECC key support in OpenSSH ?
- firefox unable to load pkcs11 module
- [Bug 3202] New: Ed25519 key on HSM is not getting listed in ssh-add -l command