Hiya, I've tried the same test with Chromium and it worked correctly as Wan-Teh said. The database does not get locked.
My Firefox profile NSS files are soft links to the shared ones, as explained in the NSS Shared Howto document https://wiki.mozilla.org/NSS_Shared_DB_Howto Could it be a matter of my pkcs11.txt configuration? I've built everything with the modutils tool (create new database, add opensc module for my smartcard and set FRIENDLY flag) but maybe Firefox needs some other flag not to get locked that I've not considered. <pre> $ cat ~/.pki/nssdb/pkcs11.txt library= name=NSS Internal PKCS #11 Module parameters=configdir='sql:.' certPrefix='' keyPrefix='' secmod='' flags= updatedir='' updateCertPrefix='' updateKeyPrefix='' updateid='' updateTokenDescription='' NSS=Flags=internal,critical trustOrder=75 cipherOrder=100 slotParams=(1={slotFlags=[RSA,DSA,DH,RC2,RC4,DES,RANDOM,SHA1,MD5,MD2,SSL,TLS,AES,Camellia,SEED,SHA256,SHA512] askpw=any timeout=30}) library=./libnssckbi.so name=Root Certs NSS=trustOrder=100 library=/usr/lib/opensc/opensc-pkcs11.so name=izenpe NSS=slotParams={0x00000000=[slotFlags=PublicCerts ] 0x00000001=[slotFlags=PublicCerts rootFlags=hasRootTrust] 0x00000002=[slotFlags=PublicCerts ] 0x00000003=[slotFlags=PublicCerts ] 0x00000004=[slotFlags=PublicCerts ] 0x00000005=[slotFlags=PublicCerts ] 0x00000006=[slotFlags=PublicCerts ] 0x00000007=[slotFlags=PublicCerts ] 0x00000008=[slotFlags=PublicCerts ] 0x00000009=[slotFlags=PublicCerts ] 0x0000000a=[slotFlags=PublicCerts ] 0x0000000b=[slotFlags=PublicCerts ] 0x0000000c=[slotFlags=PublicCerts ] 0x0000000d=[slotFlags=PublicCerts ] 0x0000000e=[slotFlags=PublicCerts ] 0x0000000f=[slotFlags=PublicCerts ] } </pre> ____ I had to activate the FRIENDLY flag in order Chrome to correctly obtain the smartcard's certificate. I'm new to Chrome so maybe there's another way to do this. Firefox doesn't require it and asks for the PIN. Irune Prado :: Zylk.net ----------------------------------------- -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto