An electronic identification ("eID") is an electronic identification solution of citizens or organizations, for example in view to access benefits or services provided by government authorities, banks or other companies. Apart from online authentication many eICs also give users the option to sign electronic documents with a digital signature.
If you have a CR-75 card reader (
1307:0361), you will also have to compile the following driver: https://github.com/jordidg/libcr75. Reconnect the reader after that.
pcsc_scan program that can be used to check smart card detection Smartcards#Scan for card reader.
For PIN entry,is used. This requires either or to be installed to draw the window where you can enter your PIN number.
To identify with an identification card reader, the following steps are required:
- The app for authentication 
which should open a window. In the window, check that the "PCSC daemon status" is "running".
If it is not the case, start
In the same window, copy the value for "PKCS#11 location".
This value can alternatively be found by first finding the module (which might be
beidpkcs11.so) by doing:
# p11tool --list-tokens
Then finding the full path with:
# find /usr/lib -name beidpkcs11.so
- The driver of the card reader itself.
Look at the brand of the card reader; there is a high chance it is ACS (Advanced Card System Ltd). If it is ACS, go to https://belgeid.be/product/acr38 and download the Linux driver. Follow the described install driver process.
- Know which internet browser you will be using
For Chrome, no plugin. For Chromium, you will need to install https://devctl.blogspot.com/2014/01/making-belgian-eid-work-on-arch-linux.htmland as well. You may consider:
For Firefox, add the Firefox plugin to your browser. In recent versions, you will need to manually add the eID module to the Firefox security devices configuration. Your module path might be different than the one in the guide, use the value of "PKCS#11 location" found with the instructions at the authentication paragraph.
Signing emails with Thunderbird and documents with LibreOffice is explained in a blog post by Luc Stroobant.
Depending on your system configuration it may be possible to run Adobe Reader DC under wine (see also the official FAQ on digital digital signatures). If using Adobe Reader is not possible, you can use Belgian Federal Public Services' "signing box". Using this service requires the installation of an extra eID middleware and extension by e-contract.be. Navigate to the signing box page, upload any pdf-file and attempt to add a digital signature to begin the installation process.
Alternatively,provides native digital signing of pdf's in Linux since version 21.04.
Install long standing issue.AUR as the Brazilian root CAs are not part of Mozilla's NSS due to a
Smart Cards (A3 certificates)
1. InstallAUR and .
/usr/lib/opensc-pkcs11.so) enabled can cause problems both in Firefox and Chrome
Navigate to Edit -> Preference -> Advanced -> Certificates -> Security Devices and click "Load" to load a module using
/usr/lib/libaetpkss.so and name it
ICP-Brasil A3 - Safe Sign Identity Client.
Test it by going to Receita Federal's e-CAC.
Ensure Chrome is closed and run:
modutil -dbdir sql:$HOME/.pki/nssdb/ -add "ICP-Brasil A3 - Safe Sign Identity Client" -libfile /usr/lib/libaetpkss.so
- Automated installation script in Estonian community wiki: EST | ENG. Although initially created for Manjaro Linux, it is also suitable for Arch Linux and other related distributions that use pacman.
modutil -dbdir sql:$HOME/.pki/nssdb -add opensc-pkcs11 -libfile onepin-opensc-pkcs11.so -mechanisms FRIENDLY
To enable PIN 1 authentication in Firefox you should install AUR and AUR. After restarting the browser make sure that "Firefox PKCS11 loader" extension is enabled. You can also follow manual instructions at Smartcards#Mozilla Firefox.
Official instructions: https://dvv.fi/kansalaisvarmenne-kortinlukijaohjelmisto.
mPollux Digisign Client
First install the prequisites as described in #Installation. Then install AUR. Launch the client, connect your reader and put in your card. Click the icon in your status bar once it turns yellow. This should trigger the card activation process if you have not activated it before.
Navigate to Security Devices page (Search it via Preferences), then click Load and set Module Name to DigiSign PKCS#11-moduuli and module filename to
/usr/lib/libcryptoki.so. Finally restrart Firefox. The card can be tested at: https://dvv.fi/testaa-varmenteen-kayttoa.
For some devices, you need to install
/etc/pcsc-cyberjack/cyberjack.conf.default to the same folder, without the .default suffix. Restart
pcsc.service and applications like AUR should recognize the scanner. The ReinerSCT RFID will blink its LED, which it does not when the driver is not installed correctly.
DNI electrónico (DNIe)
InstallAUR. To sign documents using your identity card, install AUR.
BankID is the leading electronic identification in Sweden.