Tuesday, July 31, 2012

CAC SVN setup

This client is an early access release that has some limitations, including:
  • The client does not prompt you for which certificate to use if you have more than one certificate on your smart card
  • The client doesn't currently work with SELinux in enforcing mode because of an unresolved text relocation issue in libgcrypt. A partial mitigation for this issue is to manually set the SELinux file type for one file:
chcon -t textrel_shlib_t '/lib/libgcrypt.so.11.5.1'
  • The installation requires some libraries to have more than one RPM installed, making the initial installation somewhat awkward
You'll need to get at least these .i386.rpm packages from the file release system:
The library dependencies must be installed in parallel with some of the system libraries. You can't just upgrade those packages, since many installed packages may depend on the current versions.
After downloading the above RPMs, use this set of commands as root to install them:
rpm -ivh --force gnutls-2.4.2-3el5.i386.rpm 
rpm -ivh libtasn1-1.5-%1el5.i386.rpm neon-0.28.3-2.i386.rpm pakchois-0.4-2.i386.rpm libgcrypt-1.4.3-2el5.i386.rpm 
rpm -Uvh subversion-1.5.4-3.i386.rpm 
Note: we know that an installation where you must use --force is suboptimal. We are working on the issue and will fix these instructions when we have a fixed gnutls RPM.

To enable smart card support, first make sure that you have CoolKey working for other applications, such as Firefox. Then run 'svn' once to establish a $HOME/.subversion/servers file if you haven't run svn on this system previously. Edit that file and add this line in the "global" section:
ssl-pkcs11-provider = coolkey
Once you do that, you should be able to check out client-certificate protected Subversion repositories using the Linux command line client.
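
The servers-file edit described above can be scripted so that it is safe to run more than once. This is an added example, not part of the original instructions; the function name set_pkcs11_provider and the .bak backup copy are assumptions of the example.

```sh
# Added example: set ssl-pkcs11-provider in the [global] section of a
# Subversion "servers" file without duplicating the line on repeat runs.
# Usage: set_pkcs11_provider "$HOME/.subversion/servers" coolkey
set_pkcs11_provider() {
    file=$1
    provider=${2:-coolkey}
    [ -f "$file" ] || { echo "no such file: $file" >&2; return 1; }
    tmp=$(mktemp "${file}.XXXXXX") || return 1
    awk -v prov="$provider" '
        # Any section header, e.g. [groups] or [global]
        /^[ \t]*\[.*\][ \t]*$/ {
            # Leaving [global] without having seen the key: add it first
            if (in_global && !done) {
                print "ssl-pkcs11-provider = " prov
                done = 1
            }
            in_global = ($0 ~ /^[ \t]*\[global\][ \t]*$/)
            if (in_global) seen_global = 1
            print
            next
        }
        # An uncommented setting already inside [global]: rewrite it in place
        in_global && /^[ \t]*ssl-pkcs11-provider[ \t]*=/ {
            if (!done) {
                print "ssl-pkcs11-provider = " prov
                done = 1
            }
            next
        }
        { print }
        END {
            # [global] was the last section, or the file has none at all
            if (!done) {
                if (!seen_global) print "[global]"
                print "ssl-pkcs11-provider = " prov
            }
        }
    ' "$file" > "$tmp" || { rm -f "$tmp"; return 1; }
    # Keep a copy of the previous file, then swap in the new one
    cp -p "$file" "${file}.bak" && mv "$tmp" "$file"
}
```

Settings placed under a section other than [global] are left untouched, so a commented-out or per-group entry elsewhere in the file does not count as already configured.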