openvpn in Rocky/RHEL 10.1 with YKCS11 provider #928
Description
Describe the bug
Hello. Currently, I have a libykcs11.so.2.7.2 file that I built using the Rocky 10.1 OS. However, when I attempt to use openvpn with it, using the following command:
openvpn --show-pkcs11-ids libykcs11.so.2.7.2
I get the following error:
PKCS#11: Adding PKCS#11 provider 'libykcs11.so.2.7.2'
PKCS#11: Cannot initialize provider 'libykcs11.so.2.7.2' 6-'CKR_FUNCTION_FAILED'
Failed to add PPKCS#11 provider 'libykcs11.so.2.7.2
Exiting due to fatal error
I am wondering if this has something to do with openvpn in Rocky 10.1, or if it is entirely an issue with the pkcs11 provider.
To Reproduce
Build the Yubico libykcs11.so.2.7.2 from the yubico-piv-tool. Use the following command:
openvpn --show-pkcs11-ids libykcs11.so.2.7.2
Expected behavior
It should print out the pkcs11 ids of my yubikey
Version information (please complete the following information):
- OS: Rocky 10.1
- OpenVPN version: 2.7_rc2 x86_64-redhat-linux-gnu
Additional context
The same command works on Rocky 9.6, with the same pkcs11 provider