Scute and SmartCard insertion/removal in Firefox

Martin Paljak martin at
Wed Feb 5 16:15:01 CET 2014

If you have a web server *and* a client where you can control the
session cache and initiate a re-negotiation, Firefox will try to look
at your token again.

At least this was the case a while ago.
+372 515 6495

On Wed, Feb 5, 2014 at 12:58 PM, Urs Hunkeler <uhu at> wrote:
> Hi,
> I use the GnuPG card and have installed all the software, including Scute. I
> configured a server for HTTPS asking for client certificates. When the card
> is inserted before requesting the page, I get a request for the user PIN for
> the card, and then the certificate is exchanged with the server as desired,
> and everything works fine.
> When the card is not inserted, my web application detects that no
> certificate has been sent and shows a login-failed message. If I then insert
> the card and reload the page, the card is not accessed and login still
> fails. I actually have to terminate and restart Firefox for it to use the
> card (shift-click on reload does not work either).
> Ideally, I would like to be logged out when I remove the card and logged in
> when I insert the card. Mozilla provides an unofficial JavaScript object to
> detect card insertion/removal
> ( The JavaScript
> code detects successfully insertion and removal of the card. Using mozilla's
> example script, when I remove the card, the page is reloaded, but displays
> an error message. I can probably hide the error message by verifying the
> connection in the background (AJAX) or reloading the page with a delay.
> However, when I insert the card, the page is still reloaded but the client
> certificate is not used.
> Is there a way to reload a page and explicitly request that the SmartCard be
> accessed? Or do you have any suggestions for a work-around?
> Sincerely,
> Urs
> _______________________________________________
> Gnupg-users mailing list
> Gnupg-users at

More information about the Gnupg-users mailing list