On Mon, Jan 30, 2006 at 09:05:45PM +0100, Nils Larsch wrote: > >The problem is this: the usual case seems to be someone tells the > >application to use private-key with ID 1, and the application also > >uses the cert with ID 1 for that communication. Due to a different > >use of certs in this card here that doesnt work out: i have to use > >private-key with ID 1 and in the same operation the cert with ID 2. > > doesn't the cert with the id 1 belong to the private key with the > id 1 (or what is the exactly problem) ? Yes, that was the problem here.
> >Ive had a look at the debugging-output that gets generated from > >'pkcs15-tool -r'eading certs, but didnt find the hook to overwrite > >the path to the cert-file that is read out. > > the binding between the certs and keys is defined in pkcs15-tcos.c > ( in src/libopensc/ ) as this is most likely not a pkcs15 compliant > card. Thanks a lot! That worked, pkcs15-tool gives me now the cert i need, not the that is requested, libopensc appears to behave the same way now. Unfortunatelly the other side of the OpenSwan-connection still doesnt accept my authentication, but OpenSwan-debugging show now the cert with the right subject is used. On OpenSC-side everything looks good now, guess i will have to look at the firewall-debug-logs now. Greetings, Christian. _______________________________________________ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel