[PVE-User] Pass through usb eToken device on PX 5.2
Lindsay Mathieson
lindsay.mathieson at gmail.com
Fri Jun 15 13:51:33 CEST 2018
Resolved it - GlobalSign tech support couldn't figure it out, eventually
found the answer on a German forum via google translate. The client
software only works when you are conneced via a console, it fails to
load under a RDP session. Fortunately a Spice or noVNC consle works.
Worse - it will only codesign via a console session, and needs a gui
password entry, pretty much useless for out nightly headless builds
where we sign thousands of binaries. And rules out moving to a offsite
server.
I can't imagine what GlobalSign are thinking, this is useless for
anything but individual developer manual builds.
On 15/06/2018 11:59 AM, Lindsay Mathieson wrote:
> Just updated our windows code signing cert from GlobalSign and the
> f**kers now require use of a usb token, some sort of smart card
> (eToken 5100 PKI). USB 1 I think.
>
> Using it with a windows 7x64 VM with latest spice tools etc. Have
> plugged the token into the VM Host and used Add hardware to pass
> through the USB token to the VM (Nice interface BTW! detected it fine).
>
> Token shows up in the device manager as a smart card reader (Aladdin
> and Rainbow entries). The GlobalSign client software installs ok, but
> it just can't find the token.
>
> Anyone else done this successfully?
>
> And off-topic, any suggestion for an alternate code-signing cert
> supplier? not happy with this hardware key, its very limiting.
> --
> Lindsay
--
Lindsay
More information about the pve-user
mailing list