Hello everyone!
I’m trying to write x509 cert to my Nitrokey Start.
But it’s failed.
gpg/card> writecert 3 < cert.cer
gpg: error writing certificate to card: General error
Neither PEM nor DER format, I’ve tried to do this with pkcs11-tool but it’s failed too.
I’m using gpg ver 2.2.6 and 2.1.11 on another computer and opensc ver 0.18
Storing certificates on Nitrokey Start is a bit different than with the other devices. You would need to use the separate Python scripts gnuk_put_binary.py or gnuk_put_binary_libusb.py.
Please take a look to other branch, gnuk1.2-regnual-fix, since master corresponds to older version of GNUK. Here is the link for updated tools (there is no gnuk_put_binary.py there, only gnuk_put_binary_libusb.py).
As far as I remember, the first error (AttributeError: 'NoneType' object has no attribute 'icc_get_status') is a connection-related one - perhaps GnuPG scdaemon or pcscd were using the device at the moment and the tool could not lock it. Sorry the errors are not easily recognizable - I hope to fix that in the future.
Please run the following before using the tool:
gpg-connect-agent "SCD KILLSCD" "SCD BYE" /bye
Regarding the second one, device returns 65 81 code, which according to OpenPGP v2.1 specification (p. 52) means Memory failure. What that would mean specifically, I will have to check in the source code. Maybe trying with another certificate would help (I see you have done so with two different ones already).
Could you tell, which firmware version do you use on your device?
I think usb_strings.py could reply to that question.
Edit: could you attach a test certificate, so I could reproduce the issue locally?
One of the reasons is the certificate file is too big. I will test that later this week. Perhaps it was fixed in the latest GNUK - I plan to update the firmware and test this.
Could you upload the exact test file you are using?
Hi @alekzoid ! Sorry for the delay.
I tried to import your certificate on latest GNUK, but with no effect. I have registered Start#10 to follow this further.