In Belgium, online eGovernment services require the usage of an electronic Identity Card (eID) as a security token. This eID, coupled with a PIN, allows easier paperless interaction with the official services. Last spring 2008 the eID infrastructure was still Windows-only, but now Linux is supported. This post details how to enable the Belgian eID card reader on Ubuntu (8.04). The official info-website is http://eid.belgium.be/nl/Hoe_installeer_je_de_eID_/Linux/index.jsp.
I borrowed an ACR38 card reader. From the command line it displays:
$ lsusbSimply install the ACR38U driver from the Synaptic Package Manager:
Bus 001 Device 004: ID 072f:9000 Advanced Card Systems, Ltd ACR38 AC1038-based Smart Card Reader
Synaptic recommends the pcscd as a dependent package.
Finally, select the 'beidgui' package and accept all dependencies that are proposed:
Now the standalone application can be run. Select Applications/Accessories/Reading and Administration in the Menu or trigger the command line:
$ b eiguiThe final step is making firefox accept the external card reader. For this, install the Belgium eID add on for firefox at https://addons.mozilla.org/firefox/addon/belgium-eid/.
If you get a "ssl renegotiation error", you should temporarily allow the specific e-government site to accept ssl renegotiations by going to the magic "about:config" url and updating the security.ssl.renego_unrestricted_hosts key with ccff02.minfin.fgov.be.
More info:
Nice to see Linux-friendly eGov applications!
More info:
- http://www.stroobant.be/belgische-eid-2-5-9-packages-voor-ubuntu-dapper
- http://www.grep.be/blog/en/computer/debian/belpic/
update 2011/05/09 for ubuntu 11.4:
- in about:config update the security.ssl.renego_unrestricted_hosts with ccff02.minfin.fgov.be
- use the 'belgium eID' firefox addon that registers the correct library instead doing the manual configuration.
update 2011/06/14: unfortunately, the minfin.fgov.be site added a "firefox 3" test instead of fixing the ssl renegotiation error. Luckily, it's easy to circumvent this by installing the User Agent Switcher plugin and activating a new "FireFox 3" header. The following user-agent header worked for me: "Mozilla/5.0 (X11; Linux i686; rv:2.0.1) Gecko/20100101 Firefox/3.5.0"
Hi Michael,
ReplyDeleteWorks like a charm.
Please correct:
You need the pcscd package and not the pcsd package. I installed through apt-get install and was confused for a second. So it took me 30s to get the whole thing installed. No need for apt-get build-dep, it is done automatically just press (y/n) y.
Thanks for the great job!
Linux thomas-laptop 2.6.27-11-generic #1 SMP Thu Jan 22 17:22:40 UTC 2009 i686 GNU/Linux
Fri Jan 23 04:45:26 GMT 2009
libacr38u:
Installed: 1.7.9-3
Candidate: 1.7.9-3
Version table:
*** 1.7.9-3 0
500 http://archive.ubuntu.com intrepid/universe Packages
100 /var/lib/dpkg/status
pcscd:
Installed: 1.4.102-1ubuntu1
Candidate: 1.4.102-1ubuntu1
Version table:
*** 1.4.102-1ubuntu1 0
500 http://archive.ubuntu.com intrepid/universe Packages
100 /var/lib/dpkg/status
beidgui:
Installed: 2.6.0-4
Candidate: 2.6.0-4
Version table:
*** 2.6.0-4 0
500 http://archive.ubuntu.com intrepid/universe Packages
100 /var/lib/dpkg/status
Bus 002 Device 003: ID 072f:9000 Advanced Card Systems, Ltd ACR38 AC1038-based Smart Card Reader
[...]
thomas@thomas-laptop:~$
Hi again,
ReplyDeleteThere's a memory leek in it, it also can be noticed in firefox itself. I will take a closer look tonight.
Cheers,
Thomas
https://bugs.launchpad.net/ubuntu/+source/belpic/+bug/320480
This comment has been removed by a blog administrator.
ReplyDelete