|[ << ]||[ < ]||[ Up ]||[ > ]||[ >> ]||[Top]||[Contents]||[Index]||[ ? ]|
To allow all the GnuTLS applications to access PKCS #11 tokens
you can use a configuration per module, stored in
These are the configuration files of p11-kit(11).
For example a file that will load the OpenSC module, could be named
/etc/pkcs11/modules/opensc and contain the following:
If you use this file, then there is no need for other initialization in GnuTLS, except for the PIN and token functions. Those allow retrieving a PIN when accessing a protected object, such as a private key, as well as probe the user to insert the token. All the initialization functions are below.
Note that due to limitations of PKCS #11 there are issues when multiple libraries are sharing a module. To avoid this problem GnuTLS uses p11-kit that provides a middleware to control access to resources over the multiple users.
This document was generated on January 21, 2012 using texi2html 5.0.