glenn Daelman | 30 Apr 18:01 2011
Picon

pam_pkcs11 problem

DEBUG:pam_config.c:188: Using config file /etc/pam_pkcs11/pam_pkcs11.conf
DEBUG:pkcs11.c:65: Initializing NSS ...
DEBUG:pkcs11.c:79: Initializing NSS ... with no db
DEBUG:pkcs11.c:89: ...  NSS Complete
DEBUG:pam_pkcs11.c:233: username = [glenn]
DEBUG:pam_pkcs11.c:244: loading pkcs #11 module...
DEBUG:pkcs11.c:101: Looking up module in list
DEBUG:pkcs11.c:104: modList = 0x99f8690 next = 0x0

DEBUG:pkcs11.c:105: dllName= <null>

DEBUG:pkcs11.c:145: loading Module explictly, moduleSpec=<library="/usr/lib/opensc-pkcs11.so" name="SmartCard"> module=/usr/lib/opensc-pkcs11.so
DEBUG:pkcs11.c:181: load module complete
DEBUG:pam_pkcs11.c:253: initialising pkcs #11 module...
DEBUG:pam_pkcs11.c:344: password = [7437]
DEBUG:pkcs11.c:399: cert 0: found (BELPIC (Basic PIN):Authentication), "serialNumber=72092714538,givenName=Glenn Jan,SN=Daelman,CN=Glenn Daelman (Authentication),C=BE"
DEBUG:mapper_mgr.c:172: Retrieveing mapper module list
DEBUG:mapper_mgr.c:73: Loading static module for mapper 'digest'
DEBUG:mapper_mgr.c:197: Inserting mapper [digest] into list
DEBUG:mapper_mgr.c:73: Loading static module for mapper 'cn'
DEBUG:mapper_mgr.c:197: Inserting mapper [cn] into list
DEBUG:mapper_mgr.c:73: Loading static module for mapper 'pwent'
DEBUG:mapper_mgr.c:197: Inserting mapper [pwent] into list
DEBUG:mapper_mgr.c:73: Loading static module for mapper 'uid'
DEBUG:mapper_mgr.c:197: Inserting mapper [uid] into list
DEBUG:mapper_mgr.c:73: Loading static module for mapper 'mail'
DEBUG:mapper_mgr.c:197: Inserting mapper [mail] into list
DEBUG:mapper_mgr.c:73: Loading static module for mapper 'subject'
DEBUG:subject_mapper.c:116: Subject mapper started. debug: 1, mapfile: file:///etc/pam_pkcs11/subject_mapping, icase: 1
DEBUG:mapper_mgr.c:197: Inserting mapper [subject] into list
DEBUG:mapper_mgr.c:73: Loading static module for mapper 'null'
DEBUG:mapper_mgr.c:197: Inserting mapper [null] into list
DEBUG:pam_pkcs11.c:385: verifing the certificate for the key #1
DEBUG:cert_vfy.c:37: Verifying Cert: BELPIC (Basic PIN):Authentication (serialNumber=72092714538,givenName=Glenn Jan,SN=Daelman,CN=Glenn Daelman (Authentication),C=BE)
DEBUG:cert_vfy.c:41: Couldn't verify Cert: Peer's certificate issuer has been marked as not trusted by the user.
DEBUG:pam_pkcs11.c:399: verify_certificate() failed:
DEBUG:mapper_mgr.c:214: unloading mapper module list
DEBUG:mapper_mgr.c:137: calling mapper_module_end() digest
DEBUG:mapper_mgr.c:148: Module digest is static: don't remove
DEBUG:mapper_mgr.c:137: calling mapper_module_end() cn
DEBUG:mapper_mgr.c:148: Module cn is static: don't remove
DEBUG:mapper_mgr.c:137: calling mapper_module_end() pwent
DEBUG:mapper_mgr.c:148: Module pwent is static: don't remove
DEBUG:mapper_mgr.c:137: calling mapper_module_end() uid
DEBUG:mapper_mgr.c:148: Module uid is static: don't remove
DEBUG:mapper_mgr.c:137: calling mapper_module_end() mail
DEBUG:mapper_mgr.c:148: Module mail is static: don't remove
DEBUG:mapper_mgr.c:137: calling mapper_module_end() subject
DEBUG:mapper_mgr.c:148: Module subject is static: don't remove
DEBUG:mapper_mgr.c:137: calling mapper_module_end() null
DEBUG:mapper_mgr.c:148: Module null is static: don't remove
DEBUG:pam_pkcs11.c:460: no valid certificate which meets all requirements found

_______________________________________________
Pam-list mailing list
Pam-list <at> redhat.com
https://www.redhat.com/mailman/listinfo/pam-list

Gmane