Problem with x.509 certificate and OpenPGP Card
freischlad at gmx.net
Tue Oct 23 17:22:54 CEST 2012
I've got a OpenPGP Card 2.0 and would like to use it with Thunderbird
for signing and encrypting mails via s/mime. I'm running latest version
of gpg2 (2.0.19) on a Windows 7 machine.
What I did so far:
1) Set up of OpenPGP Card with gpg2 (changed name, generated keys). No
Problems so far, Card works fine.
2) Generated Certification Request with gpgsm. Also worked fine.
3) signed request with a new generated own rootCA in xca
4) Transfer of certificate to the card with gpg2 --card-edit (writecert
3 < cert.crt). Still everything worked good.
I now thought it'll be everything to do. So I terminated gpg-agent.exe
in task manager and started Thunderbird (already with PKCS#11
configured). Right after opening the certificates dialog my Smart Card
PIN is requested by the PKCS#11 driver. But there is no x.509
I tried to import the certificates (root and signed certificate) with
gpgsm --import but with no effect. Also reboots, card reader
disconnection, restart of thunderbird in every possible combination did
What am I doing wrong?
Thanks and regards,
More information about the Gnupg-users