Re: [Evolution] PKCS11 in evolution

[Kaare Fiedler Christiansen <mail kaarefc dk>]

On Wed, 2011-03-16 at 13:33 -0700, nielsrune wrote:
> I think I just found the solution. (I'm in Denmark using the previously
> mentioned government issued certificate).
>
> Using : A fresh Xubuntu 11.04-alpha3 in virtualbox running Evolution 2.32.2
>
> Mozilla's NSS reference for certutil at
> https://developer.mozilla.org/en/NSS_reference/NSS_tools_%3A_certutil
> suggest under argument -d that there are two types of security databases - a
> legacy one and a SQLite. To indicate database type one must put the prefix
> sql: to the directory path.
>
> Having this in mind i tried the same command as Kare, which I have also used
> on Evolution 2.26 but with the database prefix indication. Since I'm using a
> Evolution above version 2.30 I use ~/.pki/nnsdb (maybe old entries needs to
> be removed)
>
> modutil -add "NemID" -libfile /path/to/libNemID_PKCS11.so.1.0.0 -dbdir
> sql:~/.pki/nssdb
>
> This give me the option to select "NemID" as s/mime signing and encryption
> certificate. I have not been able to test otherwise than send, sign and
> encrypt and e-mail to myself, but contrary to my previous test the seems to
> work just find. Upon send the e-mail the small java applet appears where I
> can authorize myself - the same when opening the received e-mail.

Confirmed! This works for me too. Thank you very much!

One correction, though, the command needs to be:

$ modutil -add "NemID" -libfile /path/to/libNemID_PKCS11.so.1.0.0 -dbdir
sql:/path/to/home/.pki/nssdb

(the shell can't expand ~ in this context, since it's no longer a pure
filepath when you prepend sql:)

I assume this means Evolution is using a legacy interface to the
certificate database? Any plans to update this? Any plans to implement
GUI support for adding PKCS11 keystores? (Just in case a developer is
still following this conversation)

Is there somewhere in the Evolution documentation this should be added?

Best,
  KÃre
-- 
Kaare Fiedler Christiansen <mail kaarefc dk>