Thanks. But about the crux of the matter and rest of my message: "The problem was my use of SSL_ForceHandshake...I was using it before any data exchange between client and server, and for some unexplained reason, that was preventing the cert on the card from being used...Isn't that odd?" According to the Fabulous Manual, a SSL_ForceHandhske can be done anytime after a PR_Connect or PR_Accept...
-- P "Nelson B. Bolyard" <[EMAIL PROTECTED]> wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Patrick wrote: > > > > Update on my NSS + PKCS11 troubles: > > > > I finally got my NSS client app to work with the PKCS11 crypto module and > > the smartcard, and use the client cert on the card for SSL client auth. > > Congratulations! > > > Speaking of SSL handshakes, when and why is SSL_ResetHandshake used? Is that > > the first before redoing a full SSL handshake (with SSL_RedoHandshake)? > > Read The Fabuluous Manual! > > http://www.mozilla.org/projects/security/pki/nss/ref/ssl/sslfnc.html#1058001 > > -- > Nelson Bolyard > Disclaimer: I speak for myself, not for Netscape
