Getting a hardware token ID
Before we can configure OpenVPN to make use of the hardware token, we must first determine what the hardware token ID is. This hardware token ID looks quite complicated at first, hence a separate recipe is included for this purpose.
Getting ready
Keep the hardware token from the previous recipe at hand. Install OpenVPN 2.1. In this recipe, the computer used was running Fedora 12 Linux, pcsc-lite 1.5.2, opensc-0.11.12, PKI Client 5.00, and OpenVPN 2.1.1.
How to do it...
Use the following command to list the PKCS#11 IDs that are available to OpenVPN:
$ openvpn --show-pkcs11-ids /usr/lib64/libeTPkcs11.so
The following objects are available for use.
Each object shown below may be used as parameter to
--pkcs11-id option please remember to use single quote mark.
Certificate
DN: /C=NL/O=Cookbook/CN=openvpnclient1/…
Serial: 02
Serialized id: Aladdin\x20Ltd\x2E/eToken/001a01a9/Cookbook/20100703How it works...
OpenVPN loads the PKCS...
