Closed getreu closed 5 months ago
The manifest path was the problem.
In the manual above, I replaced the line:
ln -s "$(dirname $(dirname $(realpath $(which web-eid))))/share/web-eid/eu.webeid.json" .
with
ls -s "$(dirname $(dirname $(realpath $(which web-eid))))/lib/mozilla/native-messaging-hosts/eu.webeid.json" .
Below you find the corrected working procedure.
Edit: modified according to https://github.com/NixOS/nixpkgs/issues/281710#issuecomment-2031506760
Install the web-eid-app
package in NixOS
Insert in configuration.nix
:
important: do not add firefox-esr
in packages!
packages = with pkgs; [
web-eid-app
p11-kit
opensc
];
and below:
services.pcscd.enable = true;
programs.firefox.enable = true;
programs.firefox.package = pkgs.firefox-esr;
programs.firefox.nativeMessagingHosts.packages = [ pkgs.web-eid-app ];
programs.firefox.policies.SecurityDevices.p11-kit-proxy = "${pkgs.p11-kit}/lib/p11-kit-proxy.so";
# Authentification
environment.etc."pkcs11/modules/opensc-pkcs11".text = ''
module: ${pkgs.opensc}/lib/opensc-pkcs11.so
'';
Enable logging (for testing only)
Enable logging:
echo 'logging=true' > ~/.config/RIA/web-eid.conf
Check success:
web-eid
A dialogue About Web eID window appears. Click on [Cancel]
.
cat /.local/share/RIA/web-eid/web-eid.log
You should see something like:
2024-03-31T06:56:42.804Z INFO src/controller/controller.cpp:72:void Controller::run() - "web-eid" app "2.4.0+0" running in command-line mode
Install the browser extension within Firefox from Web eID – Get this Extension for Firefox (en-US)
Check success
Goto https://web-eid.eu/ and click on [Authenticate]
.
Type pin1, you should see:
Digital signing Welcome, XXX XXX!
Press the button [Sign document]
, then type pin2, you should see:
Digital signing
Welcome, XXX XXX!
Signature added: example-for-signing.asice
Edit: this workaround is not necessary any more according to https://github.com/NixOS/nixpkgs/issues/281710#issuecomment-2031506760
The lines
mkdir -p ~/.mozilla/native-messaging-hosts/
cd ~/.mozilla/native-messaging-hosts/
ls -s "$(dirname $(dirname $(realpath $(which web-eid))))/lib/mozilla/native-messaging-hosts/eu.webeid.json" .
are a workaround until #281710 is fixed.
Reproduce
Install
Install the
web-eid-app
package in NixOSInsert in
configuration.nix
:and below:
Enable logging (for testing only)
Enable logging:
Check success:
A dialogue About Web eID window appears. Click on
[Cancel]
.You should see something like:
Install the browser extension within Firefox from Web eID – Get this Extension for Firefox (en-US)
Link the
web-eid
manifest into the browser configurationCheck success
[Authenticate]
.Incorrect result
Unfortunately, I get the following error page in the browser:
Furthermore, no log message in
/.local/share/RIA/web-eid/web-eid.log
.Help is welcome.
I also filed a bug report upstream: https://github.com/web-eid/web-eid-app/issues/317