Show Table of Contents
8.165. pam_pkcs11
Updated pam_pkcs11 packages that fix two bugs are now available for red Hat Enterprise Linux 6.
The pam_pkcs11 package allows X.509 certificate-based user authentication. It provides access to the certificate and its dedicated private key with an appropriate Public Key Cryptographic Standards #11 (PKCS#11) module.
Bug Fixes
- BZ#887143
- The pam_pkcs11 utility generated an incorrect Lightweight Directory Access Protocol (LDAP) URL when attempting to connect to port 636. As a consequence, the connection to that port failed. This update applies a patch to address this bug, and pam_pkcs11 now generates correct LDAP URL in the described scenario.
- BZ#1012082
- After adding the coolkey module manually using the full path by running the "modutil -add "CoolKey PKCS #11 Module" -dbdir /etc/pki/nssdb -libfile /usr/lib64/pkcs11/libcookeypk11.so" command, an attempt to log in using a smart card failed. The underlying source code has been modified to fix this bug and the user is now able to log in using the smart cards as expected.
Users of pam_pkcs11 are advised to upgrade to these updated packages, which fix these bugs.
Where did the comment section go?
Red Hat's documentation publication system recently went through an upgrade to enable speedier, more mobile-friendly content. We decided to re-evaluate our commenting platform to ensure that it meets your expectations and serves as an optimal feedback mechanism. During this redesign, we invite your input on providing feedback on Red Hat documentation via the discussion platform.