Dear list,
I have a problem when integrating my application with LunaSA/LunaCA3 by using the ENGINE extension with our
OpenCA-OCSP daemon.
I successfully can execute PRE and POST commands by using
`ENGINE_ctrl_cmd_string()' (e.g. CONF_PATH and login commands).
The problem is that, by using default OpenSSL ENGINE commands (with OpenSSL 0.9.7) to load the private key generated on the LunaSA I get the following error:
-------------------------------------------------------
30436:error:2609607D:engine routines:ENGINE_load_private_key:no load function:eng_pkey.c:110:
-------------------------------------------------------
The code that generates the problem is the following:
-------------------------------------------------------
ocspd_conf->ocspd_pkey = ENGINE_load_private_key(ocspd_conf->engine, keyfile, UI_OpenSSL(), &cb_data);
if ( bio_out = BIO_new_fp( stderr, BIO_NOCLOSE)) { ERR_print_errors( bio_out ); BIO_free(bio_out); }
-------------------------------------------------------
On the LunaSA device we have the following objects:
-------------------------------------------------------
[EMAIL PROTECTED] root]# cmu list -display=id,label,handle
Please enter password for token in slot 1 : ****************
id=00000001 label=ocspPubKey handle=10
id=00000001 label=ocspPrivKey handle=11
-------------------------------------------------------
and in keyfile variable in the example I set the id of the private key (00000001).
Does anyone have experiences on how to load a private key from the LunaSA (LunaCA3) with OpenSSL 0.9.7 ?
Thanks for any help,
--- Massimiliano Pala ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager [EMAIL PROTECTED]