Sembra che OpenSC non trovi neppure il certificato, il quale è strano perché a me funziona correttamente. A me esce così(sempre tessera Infocamere/camera del commercio bergamo, serie 7420*)
[amreo@amreo-manjaro-pc ~]$ pkcs11-tool --module /usr/lib/bit4id/libbit4xpki.so -O
Using slot 0 with a present token (0x0)
Certificate Object; type = X.509 cert
label: CNS User Certificate
subject: DN: O=Camera di Commercio, OU=CCIAA Bergamo, C=IT, SN=Laisa, CN=<miocf>\/7420<serie tessera>.<boh>/dnQualifier=AUT0<boh>, GN=Andrea
ID: 43xxxx30
Data object 1002
label: 'PDATA'
application: 'PDATA'
app_id: 2.0.<boh>
flags: modifiable
Public Key Object; RSA 1024 bits
label: CNS User Public Key
ID: 43xxxx30
Usage: encrypt, verify
Access: none
Certificate Object; type = X.509 cert
label: DS User Certificate3
subject: DN: C=IT, SN=Laisa/serialNumber=TINIT-<miocf>, CN=Laisa Andrea/dnQualifier=SIGSP00<boh>, GN=Andrea
ID: 44xx33
Public Key Object; RSA 2048 bits
label: DS User Public Key3
ID: 44xx33
Usage: encrypt, verify
Access: none
Public Key Object; RSA 1024 bits
label: test-key
ID: b7yy66
Usage: encrypt, verify
Access: local
[amreo@amreo-manjaro-pc ~]$ pkcs11-tool -O
Using slot 0 with a present token (0x0)
Public Key Object; RSA 1024 bits
label: CNS0
ID: 01
Usage: verify, wrap
Access: none
Certificate Object; type = X.509 cert
label: CNS0
subject: DN: O=Camera di Commercio, OU=CCIAA Bergamo, C=IT, SN=Laisa, CN=<miocf>\/7420<seriale carta>.<boh>/dnQualifier=AUT0<boh>, GN=Andrea
serial: 0CxxEB
ID: 01
Profile object 23xx68
profile_id: CKP_PUBLIC_CERTIFICATES_TOKEN (4)
Data object 23xx64
label: 'EF_DatiProcessore'
application: 'EF_DatiProcessore'
app_id: <empty>
flags: <empty>
Data object 23xx60
label: 'EF_IDCarta'
application: 'EF_IDCarta'
app_id: <empty>
flags: <empty>
Data object 23xx56
label: 'EF_DatiPersonali'
application: 'EF_DatiPersonali'
app_id: <empty>
flags: <empty>
Data object 23xx52
label: 'EF_DatiPersonaliAggiuntivi'
application: 'EF_DatiPersonaliAggiuntivi'
app_id: <empty>
flags: <empty>
Data object 23xx48
label: 'EF_MemoriaResidua'
application: 'EF_MemoriaResidua'
app_id: <empty>
flags: <empty>
Data object 23xx44
label: 'EF_ServiziInstallati'
application: 'EF_ServiziInstallati'
app_id: <empty>
flags: <empty>
Data object 23xx40
label: 'EF_INST_FILE'
application: 'EF_INST_FILE'
app_id: <empty>
flags: <empty>
Data object 23xx36
label: 'EF_CardStatus'
application: 'EF_CardStatus'
app_id: <empty>
flags: <empty>
Data object 23xx32
label: 'EF_GDO'
application: 'EF_GDO'
app_id: <empty>
flags: <empty>
Data object 23xx28
label: 'EF_RootInstFile'
application: 'EF_RootInstFile'
app_id: <empty>
flags: <empty>
[amreo@amreo-manjaro-pc ~]$ pkcs11-tool --read-object --id 01 --type cert --output-file cert.der
Using slot 0 with a present token (0x0)
[amreo@amreo-manjaro-pc ~]$ openssl x509 -in cert.der -inform der -noout -text
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 81xx91 (0xc8xxb)
Signature Algorithm: sha1WithRSAEncryption
Issuer: C=IT, O=InfoCamere S.C.p.A., OU=Trust Service Provider, serialNumber=02xx07, CN=InfoCamere Servizi di Certificazione CA
Validity
Not Before: Oct 18 06:55:51 2022 GMT
Not After : Oct 18 00:00:00 2025 GMT
Subject: O=Camera di Commercio, OU=CCIAA Bergamo, C=IT, SN=Laisa, CN=<miocf>/7420<seriale tessera>.<boh>, dnQualifier=AUT0<boh>, GN=Andrea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (1024 bit)
Modulus:
00:b2:42:ba:aa:28:f3:59:75:fc:ce:74:d5:77:04:
<omesso>
76:5d:ea:c7:f3:3d:91:e9:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Extended Key Usage:
TLS Web Client Authentication
X509v3 Certificate Policies:
Policy: 1.3.76.16.2.1
User Notice:
Explicit Text: Identifies X.509 authentication certificates issued for the italian National Service Card (CNS) project in according to the italian regulation
CPS: http://www.cnipa.gov.it
Policy: 1.3.76.14.1.1.80
CPS: https://id.infocamere.it/digital-id/firma-digitale/manuali.html
User Notice:
Explicit Text: InfoCamere S.C.p.A. CNS Certificate
X509v3 Issuer Alternative Name:
email:contatti@infocamere.it
Authority Information Access:
OCSP - URI:http://ocsp.sc.ca.infocamere.it
X509v3 CRL Distribution Points:
Full Name:
URI:http://crl.ca.infocamere.it/ca/sc/CRL02.crl
X509v3 Key Usage: critical
Digital Signature, Key Encipherment
X509v3 Authority Key Identifier:
99:08:1B:2E:22:DC:12:36:A8:C5:47:60:DD:80:E6:E9:69:2E:FC:70
X509v3 Subject Key Identifier:
67:88:<omesso>:1B:5E
Signature Algorithm: sha1WithRSAEncryption
Signature Value:
10:db:93:4f:b7:06:93:ca:94:e5:9a:40:cd:4c:86:5a:2e:8b:
<omesso>
55:27:79:59:c9:ef:92:d3
In ogni caso credo che firefox stia utilizzando OpenSC invece di bit4id, per cui una possibile soluzione, seppure tossica, è quella di cambiare la sua configurazione per utilizzare bit4id.