LinuxQuestions.org
Help answer threads with 0 replies.
Home Forums Tutorials Articles Register
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Software
Reload this Page Using pam_pkcs11-0.6.2-11.1 with NSS for certificate mapping to LDAP fails in cert_in
User Name
Password
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.

Notices


Reply
  Search this Thread
Old 06-13-2012, 06:01 PM   #1
breds
LQ Newbie
 
Registered: Jun 2012
Posts: 11

Rep: Reputation: Disabled
Unhappy Using pam_pkcs11-0.6.2-11.1 with NSS for certificate mapping to LDAP fails in cert_in

Hi everyone,

I am trying to map a certificate from a smart card to an entry in LDAP using pam_pkcs11-0.6.2-11.1 and NSS. The problem I am having is that the cert_info.c file seems to have two separate cert_info() functions. One for when NSS is installed and one for when NSS is not installed. However, when the ldap_mapper.c file calls the cert_info() function with NSS installed, the cert_info() function that handles the request does not have a CERT_PEM case. This is causing me to get this error:

DEBUG:cert_info.c:267: Invalid info type requested: 10
DEBUG:ldap_mapper.c:880: get_certificate() failed
DEBUG:mapper_mgr.c:243: Cannot find cert data for mapper ldap

The cert_info() file is shown here:

http://www.opensc-project.org/pam_pk...rt_info.c#L275

I feel like there has to be a way for smart card authentication via LDAP with NSS, however, I have not been able to find a way around this problem. Has anyone implemented this scenario or know if this is even possible?

Any suggestions are very much appreciated.

Thank you,


breds
Last edited by breds; 06-14-2012 at 10:32 AM.
 
Old 06-18-2012, 07:58 AM   #2
breds
LQ Newbie
 
Registered: Jun 2012
Posts: 11

Original Poster
Rep: Reputation: Disabled
Has anyone implemented pam_pkcs11 and NSS with LDAP on a RHEL machine?

I would like to know if this config is supported before I put a lot of time on it. From what I have seen it is not but I would like verification if possible.

Thanks,

breds
 
  


Reply



Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Nss-ldap sasl/gssapi? wilslm Linux - General 3 05-07-2011 04:37 AM
nss ldap mapping shadowAccount problem neia Linux - Enterprise 4 06-11-2010 10:29 AM
NSS-LDAP not reading LDAP jim_fields Linux - Software 7 04-30-2009 12:41 AM
Ubuntu 8.04 / LDAP / NSS / PAM - not sharing shadow password hence not authenticating fuzzyworm Linux - Server 5 01-01-2009 03:29 PM
ldap-nss.c error et al keithmcd Red Hat 4 08-19-2008 06:04 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Software

All times are GMT -5. The time now is 08:18 PM.

Contact Us - Advertising Info - Rules - Privacy - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration