manpagez: man pages & more
info gnutls
Home | html | info | man
[ << ] [ < ] [ Up ] [ > ] [ >> ]         [Top] [Contents] [Index] [ ? ]

6.7.1 Initialization

To allow all the GnuTLS applications to access PKCS #11 tokens you can use a configuration per module, stored in /etc/pkcs11/modules/. These are the configuration files of p11-kit(11). For example a file that will load the OpenSC module, could be named /etc/pkcs11/modules/opensc and contain the following:

module: /usr/lib/opensc-pkcs11.so

If you use this file, then there is no need for other initialization in GnuTLS, except for the PIN and token functions. Those allow retrieving a PIN when accessing a protected object, such as a private key, as well as probe the user to insert the token. All the initialization functions are below.

Note that due to limitations of PKCS #11 there are issues when multiple libraries are sharing a module. To avoid this problem GnuTLS uses p11-kit that provides a middleware to control access to resources over the multiple users.


This document was generated on January 21, 2012 using texi2html 5.0.