Hi Christian! > sorry to bug you again with this issue, but i want to > clean stuff up here.
I like to hear from people that use my TCOS emulation :-) > > Here's what I might do: I could reorder the certificates in the > > Netkey emulation such that the user-certificates will be > > the first to be loaded (if they exist). And the TeleSeec > > certificate will be loaded last. > > Sounds like a nice solution, but its currently not implemented: > the certs with id 47 are looked up in files df01c200 and df0143b1 > so OpenSwan grabs the first one but i need the latter one. It was a suggestion only. Seems that you are interested, so I will implement this tomorrow. > Is there a better way to do this? Since OpenSwan selects the cert by an non-unique criteria (i.e. its key-id) OpenSC must pick one and it selects the first one it finds. So the only way to get the right one is to make sure it's the first one in OpenSCs list. > A patch like the one attached would help me. Unfortunatelly i > didnt figure out what card-type, the first field there ist about, > so didnt change it. Your patch always loads the user cert first even with cards that do not have such a cert. If the (optional) user-cert is missing no cert will be loaded at all. So plain TeleSec cards without user-certs won't work anymore. I will take care of that. Peter _______________________________________________________________________ Viren-Scan für Ihren PC! Jetzt für jeden. Sofort, online und kostenlos. Gleich testen! http://www.pc-sicherheit.web.de/freescan/?mc=022222 _______________________________________________ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
