The HSM management through scsh on RHEL9 (incl Rocky 9) may pose a challenge due to an issue with the manner in which that Linux distribution installs PCSC Lite components. Consequently, neither the scsh command line tool nor scsh3gui are capable of recognizing the HSM tokens that have already been connected to the system.
The problem is caused by the set of libraries that are installed by default when smart card support is enabled on the distribution through the package system. That support implies the installation of libpcsclite.so.1 instead of libpcsclite.so. To make scsh recognize the connected HSM tokens, one should find a way to bring libpcsclite.so into the system, which is required by Java OpenJDK for successful execution of scsh classes.
Now, in greater details. By enabling smart card support, the package management system installs those two packages:
pcsc-lite pcsc-lite-libs
as well as their dependencies. Here pcsc-lite-libs only provides:
/usr/lib64/libpcsclite.so.1
None of the above provides:
/usr/lib64/libpcsclite.so
At this juncture, it is advised to refrain from creating manually libpcsclite.so as a symlink to libpcsclite.so.1, as it may result in interference with the package system. There is a much more proper way to bring libpcsclite.so to the system:
dnf install pcsc-lite-devel
Installing pcsc-lite-devel just creates the necessary symlink and registers it in the RPM database.
