Web eID: Difference between revisions

Line 53:

== PKCS#11 ==

Note some websites still use PKCS#11 instead of Web eID (for Estonian ID cards). This requires different configuration.

Note some websites still use PKCS#11 instead of Web eID (e.g. for Estonian and Belgian ID cards). This requires different configuration.

We configure the browser(s) to load PKCS#11 modules via the <code>p11-kit-proxy</code> module as configured in <code>/etc/pkcs11/modules</code>, and configure <code>opensc-pkcs11.so</code> in there.

Line 102:

== Belgian eID cards ==

The Web eID browser extension, used for authentication with Belgian eID cards, requires the PKCS#11 module <code>libbeidpkcs11.so.0</code> to be available in the directory <code>/usr/lib/x86_64-linux-gnu/</code>. Since this directory does not exist by default on NixOS, the Web eID application installed on the host system will not detect or support Belgian eID cards.

Set up PKCS#11 as described above. The Web eID browser extension, used for authentication with Belgian eID cards, requires the PKCS#11 module <code>libbeidpkcs11.so.0</code> to be available in the directory <code>/usr/lib/x86_64-linux-gnu/</code>. Since this directory does not exist by default on NixOS, the Web eID application installed on the host system will not detect or support Belgian eID cards.

To resolve this, you can create a symlink from the Nix store version of <code>beidpkcs11.so</code>, provided by the <code>eid-mw</code> package, into <code>/usr/lib/x86_64-linux-gnu/</code>:<syntaxhighlight lang="nix">system.activationScripts.web-eid-app = {

@@ Line 53: / Line 53: @@
 == PKCS#11 ==
-Note some websites still use PKCS#11 instead of Web eID (for Estonian ID cards). This requires different configuration.
+Note some websites still use PKCS#11 instead of Web eID (e.g. for Estonian and Belgian ID cards). This requires different configuration.
 We configure the browser(s) to load PKCS#11 modules via the <code>p11-kit-proxy</code> module as configured in <code>/etc/pkcs11/modules</code>, and configure <code>opensc-pkcs11.so</code> in there.
@@ Line 102: / Line 102: @@
 == Belgian eID cards ==
-The Web eID browser extension, used for authentication with Belgian eID cards, requires the PKCS#11 module <code>libbeidpkcs11.so.0</code> to be available in the directory <code>/usr/lib/x86_64-linux-gnu/</code>. Since this directory does not exist by default on NixOS, the Web eID application installed on the host system will not detect or support Belgian eID cards.
+Set up PKCS#11 as described above. The Web eID browser extension, used for authentication with Belgian eID cards, requires the PKCS#11 module <code>libbeidpkcs11.so.0</code> to be available in the directory <code>/usr/lib/x86_64-linux-gnu/</code>. Since this directory does not exist by default on NixOS, the Web eID application installed on the host system will not detect or support Belgian eID cards.
 To resolve this, you can create a symlink from the Nix store version of <code>beidpkcs11.so</code>, provided by the <code>eid-mw</code> package, into <code>/usr/lib/x86_64-linux-gnu/</code>:<syntaxhighlight lang="nix">system.activationScripts.web-eid-app = {