When Belgium introduced its electronic Identity Card (eID, a.k.a the Belpic project), it received quite some attention from Microsoft : a speech by Bill Gates, a dedicated website about the Belgian eID, .... Far less attention has gone to the fact that the so-called eID middleware, the software that reads the chip and presents its data to user applications, is open source software - it is in fact an adaptation of source code from the OpenSC project,with its source published under the LGPL.
One of the most popular 'eID Card Readers' for use with the Belgian ID card is the ACS ACR38U. It's a cheap smartcard reader that works out of the box on Windows XP and is often referred to as "eID card Reader".
Debian has software packages for both the ACS ACR38U smartcard reader, and the Belgian eID card. Therefore, Ubuntu has them too. Older versions of these packages had a few bugs, but they've steadily improved since Ubuntu Efty Eft. Now with Hardy Heron, they work (almost) flawless.
If you need to troubleshoot the setup of either ACS ACR38U or the Belpic BeID software, refer to this page for some hints of additional packages you might need, step by step test procedures to diagnose where it goes wrong, and some ideas on what to try next.
first plug in the card reader, check that your operating system has detected it, and install drivers:
# check that card reader is plugged in and detected by OS lsusb |grep "Smart Card" Bus 001 Device 003: ID 072f:9000 Advanced Card Systems, Ltd ACR38 AC1038-based Smart Card Reader # install drivers apt-get install libacr38u
Now, install the following packages.
apt-get install beid-tools apt-get install pcscd #optional user interface to make the eID card human readable apt-get install beidgui
Run beidgui (command line or from the menu Applications: Other:Reading and Administration) and check that you can actually read the chip an a Belgian eID card. If this doesn't work rightaway, it helps to unplug the card reader and plug it back in. If necessary, reboot to make sure all services are started in the right order.
To use the eID in web applications, you need to register the eID certificates in your browser. Browse to file:///usr/share/beid/beid-pkcs11-register.html for an automated procedure. This can also be done from the command prompt (or a script). Be sure to register the certificate while running firefox (or other application) under a normal user account, i.e. not as root. When you register the certificate as root, you'll always have to run firefox as root to be able to use it (and you can not add the same certificates as an other user).
#register certificates in firefox firefox file:///usr/share/beid/beid-pkcs11-register.html
This doesn't always work smoothly, but it's easy to manually correct this :
In the consequent dialog, enter
Module name: Belgium Identity Card PKCS#11
Module File Name: libbeidpkcs11.so.2
or: Module File Name: /usr/lib/libbeidpkcs11.so.2
Note the number '2' in the .so file. You may have similar files with other numbers in /usr/lib
To test with an eID-enabled web application, surf to FedICT : Toepassingen
Instructions for use of eID with other applications (Thunderbird; OpenOffice.org, Acrobat, ...) : FedICT :: Toepassingen :: Configureren