Closed aodhan-domhnaill closed 3 years ago
Do you have any specific (non-default) settings in openssl.cnf
?
I don't think so. I never touched it myself. I attached it
Are these about the same?
Anyway, it would be nice to debug it deeper: down to asn1_item_embed_d2i:field missing
in order to known which particular field is missing.
https://github.com/OpenSC/pam_pkcs11/issues/44 shouldn't be an issue AFAIK because I am running on the latest build. And looks like the other linked issue was resolved by #44 as well.
Maybe I can modify the code a bit to have it say what field was missing.
I made a small modification and I noticed that Ubuntu 20.04 wasn't using the built from source versions when running sudo login aidan
.
After running the below, it worked
sudo mv /usr/local/lib/security/* /lib/security/
sudo mv /usr/local/lib/pam_pkcs11/* /lib/pam_pkcs11/
because I needed to replace the Ubuntu installed versions with the most recent version from commit bb2e3f3a95e44fdf44b0d5a4b377db3179021380
https://github.com/OpenSC/pam_pkcs11/blob/240e2eb675534d8030df3bc2b02607bdb19af1ff/src/common/cert_vfy.c#L570
I am getting the following failure (full output below),
I am on commit
bb2e3f3a95e44fdf44b0d5a4b377db3179021380
and using an Estonian ID card and I followed setup instructions from UbuntuRunning this works,
Full output,