[Openvpn-users] openvpn windows aladdin eToken USB pkcs11 does not work

[Jon Bendtsen <jon.bendtsen@xxxxxxxxxx>]

Hi

I have borrowed a Aladdin eToken, and i have some trouble getting it  
to work with openvpn.

i run openvpn 2.1 beta 7 from openvpn.se along with the gui.
I also tried running it from the cmd console.

Only the cmd console asks for a password, the gui never does.

I had thought that "windows" itself would come up with a popup window  
and ask me about the password. Either through CAPI or through the  
software from the device.

My config file contains:
#########################################
# Sample client-side OpenVPN config file
# for connecting to multi-client server.
#
# The server can be pinged at 10.8.0.1.
#
# This configuration can be used by multiple
# clients, however each client should have
# its own cert and key files.
#
# tun-style tunnel

port 443
dev tun0
remote 192.168.123.9:443
proto udp

# TLS parms
ca ca.crt

tls-client

# This parm is required for connecting
# to a multi-client server.  It tells
# the client to accept options which
# the server pushes to us.
pull

comp-lzo no

verb 8

float

pkcs11-providers eTpkcs11.dll
#pkcs11-slot-type label
#pkcs11-slot "eToken"
pkcs11-slot-type id
pkcs11-slot 0
pkcs11-id-type label
#pkcs11-id-type subject
#pkcs11-id "/CN=Jens Hansen/O=Laerdal Sophus A/S/C=DK"
pkcs11-id "(eTCAPI) Jens Hansen's Laerdal ID"
pkcs11-sign-mode recover
pkcs11-pin-cache 300
#pkcs11-protected-authentication
#pkcs11-cert-private
#management 127.0.0.1 8888
#management-hold
#management-query-passwords


The console gives me this output:

Enter eToken token Password:
Thu Feb 02 15:11:01 2006 us=53427 PKCS#11: pin_prompt hook return rv=0
Thu Feb 02 15:11:01 2006 us=137587 TLS_ERROR: BIO read  
tls_read_plaintext error: error:14099004:SSL  
routines:SSL3_SEND_CLIENT_VERIFY:RSA lib
Thu Feb 02 15:11:01 2006 us=144690 TLS Error: TLS object -> incoming  
plaintext read error
Thu Feb 02 15:11:01 2006 us=151809 TLS Error: TLS handshake failed
Thu Feb 02 15:11:01 2006 us=155271 PID packet_id_free
Thu Feb 02 15:11:01 2006 us=159279 PID packet_id_free
Thu Feb 02 15:11:01 2006 us=162802 PID packet_id_free
Thu Feb 02 15:11:01 2006 us=166543 PID packet_id_init  
seq_backtrack=64 time_back track=15
Thu Feb 02 15:11:01 2006 us=173856 PID packet_id_init  
seq_backtrack=64 time_back track=15
Thu Feb 02 15:11:01 2006 us=180857 PID packet_id_free
Thu Feb 02 15:11:01 2006 us=184452 PID packet_id_free
Thu Feb 02 15:11:01 2006 us=188070 PID packet_id_free
Thu Feb 02 15:11:01 2006 us=191447 PID packet_id_free
Thu Feb 02 15:11:01 2006 us=195065 PID packet_id_free
Thu Feb 02 15:11:01 2006 us=198694 PID packet_id_free
Thu Feb 02 15:11:01 2006 us=202112 PID packet_id_free
Thu Feb 02 15:11:01 2006 us=221365 PID packet_id_free
Thu Feb 02 15:11:01 2006 us=225170 TCP/UDP: Closing socket
Thu Feb 02 15:11:01 2006 us=228947 PID packet_id_free
Thu Feb 02 15:11:01 2006 us=232713 SIGUSR1[soft,tls-error] received,  
process restarting
Thu Feb 02 15:11:01 2006 us=239709 Restart pause, 2 second(s)



suggestions, help, comments?

____________________________________________
Openvpn-users mailing list
Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/openvpn-users