Discussion:
Configuration error when using TortoiseSVN with smart card.
robotk
2008-05-06 04:00:28 UTC
Permalink
Hi:

I knew that Subversion 1.5.0(Linux Build) supported smartcard certification from this discussion: http://www.nabble.com/Re%3A-svn-client---smartcard-certificates-to16641335.html#a16641335;

So i tried the windows svn client TortoiseSVN (1.5.0.12786-RC1-win32-svn-1.5.0-RC4) to see whether it works with smart card; I added
"ssl-pkcs11-provider = c:\windows\system32\aetpkss1.dll"
in TortoiseSVN's configuration file %APPDATA%\servers,
but when i checked out files, TortoiseSVN said:
"Invalid config: unable to load PKCS#11 provider 'c:\windows\system32\aetpkss1.dll';"

But the provider "aetpkss1.dll" worked well with FireFox, SecureCRT and MS Internet Explorer.

The smart card i used is "Giesecke & Devrient StarKey"
(http://www.gi-de.com/portal/page?_pageid=42,124009&_dad=portal&_schema=PORTAL#124080_anchor);

and the card driver(including PKCS#11 provider) is the "SafeSign Standard" of A.E.T. Eruope B.V company;
(http://www.cyprotect.com/rainbow/ikey3000/SafeSign-Standard-2.0.3.zip)


Is there a windows svn client support smartcard authentication?


Thanks

Setven Zhang
=?x-gbk?Q?Stefan_K=A8=B9ng?=
2008-05-06 17:08:50 UTC
Permalink
Post by robotk
I knew that Subversion 1.5.0(Linux Build) supported smartcard
http://www.nabble.com/Re%3A-svn-client---smartcard-certificates-to16641335.html#a16641335;
So i tried the windows svn client TortoiseSVN
(1.5.0.12786-RC1-win32-svn-1.5.0-RC4) to see whether it works with smart
card; I added
"ssl-pkcs11-provider = c:\windows\system32\aetpkss1.dll"
in TortoiseSVN's configuration file %APPDATA%\servers,
"Invalid config: unable to load PKCS#11 provider
'c:\windows\system32\aetpkss1.dll';"
But the provider "aetpkss1.dll" worked well with FireFox, SecureCRT and
MS Internet Explorer.
The smart card i used is "Giesecke & Devrient StarKey"
(http://www.gi-de.com/portal/page?_pageid=42,124009&_dad=portal&_schema=PORTAL#124080_anchor
<http://www.gi-de.com/portal/page?_pageid=42,124009&_dad=portal&_schema=PORTAL#124080_anchor>);
and the card driver(including PKCS#11 provider) is the "SafeSign
Standard" of A.E.T. Eruope B.V company;
(http://www.cyprotect.com/rainbow/ikey3000/SafeSign-Standard-2.0.3.zip)
Is there a windows svn client support smartcard authentication?
Not really, no. The pakchois package which neon requires to get
smartcard support is linux only. Also, GnuTLS doesn't work very reliable
on Windows, that's why we will keep using OpenSSL instead.

Stefan
--
___
oo // \\ "De Chelonian Mobile"
(_,\/ \_/ \ TortoiseSVN
\ \_/_\_/> The coolest Interface to (Sub)Version Control
/_/ \_\ http://tortoisesvn.net
Loading...