On 06/20/2013 01:20 PM, Johan Dahlin wrote: > [Sorry if this appears twice, the first copy got stuck in the moderation > queue] > > I'm investigating the use of smart card readers for my application[1], > which is also free software. > > As part of the brazilian eletronic legislation I need to be able to > connect to a https server[2] and do a couple of soap calls. > > It works just fine in Firefox 21, when I: > > * Go to the site > * Add a certificate exception via the "I accept the risk" dialog > * Enter the PIN for the smart card reader via a popup dialog > * Access the site normally > > When I tried adapting httplib_example.py in python-nss I ran into > two problems: > > it has an unknown issuer which I can workaround by implementing a > SSL_AuthCertificateHook. > > The second problem however is that I need a way to use the client > certificate from the smart card reader, including ask the user > to enter a pin code. > > How can I access a site requiring a client certificate stored on a > pkcs11 compatible smart card readers via libnss/python-nss?
Did you set the socket client auth callback to supply the client cert? See SSLSocket.set_client_auth_data_callback() There is an example of it's usage in doc/examples/ssl_example.py John -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
