Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Cuireadh an snáithe seo sa chartlann. Cuir ceist nua má tá cabhair uait.

PKCS#11 authentication fails with sec_error_token_not_logged_in

more options

I am using a smart card (CAC) to login to a website. Logging out of the website and trying to log back in causes firefox to show the sec_error_token_not_logged_in error instead of asking for my pin.

Steps to reproduce:

1. Use smart card to login to a PKCS#11 secured website. e.g. http://www.sldcada.disa.mil/ Firefox will correctly ask for the smart card pin and authenticate. 2. logout and remove smart card 3. insert smart card and attempt to login again. Firefox will display the above error.

Expected Behavior:

At step 3 firefox will ask for my smart card pin to unlock the token and then authenticate with the website.

Workaround:

2.5 Edit > Preferences > Advanced > Encryption > View Certificates. Enter pin when prompted. Close the preferences windows. Step 3 will now work as expected because the smart card has been unlocked.

I am using a smart card (CAC) to login to a website. Logging out of the website and trying to log back in causes firefox to show the sec_error_token_not_logged_in error instead of asking for my pin. Steps to reproduce: 1. Use smart card to login to a PKCS#11 secured website. e.g. http://www.sldcada.disa.mil/ Firefox will correctly ask for the smart card pin and authenticate. 2. logout and remove smart card 3. insert smart card and attempt to login again. Firefox will display the above error. Expected Behavior: At step 3 firefox will ask for my smart card pin to unlock the token and then authenticate with the website. Workaround: 2.5 Edit > Preferences > Advanced > Encryption > View Certificates. Enter pin when prompted. Close the preferences windows. Step 3 will now work as expected because the smart card has been unlocked.

All Replies (5)

more options

Can you determine whether this is site-specific? For example, if at step 3, you were to visit another site that requires the CAC, will Firefox still fail to ask for a PIN?

Regarding the same site problem, does it make any difference if, at step 3, you:

(1) reload the page bypassing the cache (Ctrl+Shift+r)?

(2) remove the site's cookies and then reload the page?

You can selectively remove a single site's cookies this way: While viewing a page on the site:

  • right-click and choose View Page Info > Security > "View Cookies"
  • Alt+t (open the classic Tools menu) > Page Info > Security > "View Cookies"
more options

You can also try to clear the Active Logins via Clear Recent History to see if that helps.
I don't know if those logins apply to this situation with using a card reader.

more options

I had this problem and I did two things: first, I unblocked the site in NoScript, and second, I reset the recent history. After that it worked without problem.

more options

Thanks for all the replies. The problem is not site specific. Clearing the active logins is another workaround. Perhaps the issue is that active logins are not reset when the smart card is remove and reinserted. Is there a bug tracker where I can report this?

more options

Hi evanward1, you can file a bug here: https://bugzilla.mozilla.org/