On Thu, 11 May 2017 20:33:41 -0700 Luke W Faraone <lfara...@debian.org> wrote: > On Thu, 11 May 2017 19:45:51 -0700 Luke W Faraone <lfara...@debian.org> > wrote: > > Attached is a patch to fix the path to the engine directory, and moves > > this library back to libssl-dev. (it isn't clear to me from changelog or > > git log why the move to 1.1 was originally reverted) > > And of course, that patch was bogus. Attached is a orrected patch. I > intend to upload this to DELAYED/5 once I have a chance to test on real > hardware.
Tested (attached) and uploaded accordingly. -- Luke
$ openssl req -engine pkcs11 -keyform engine -new -key "pkcs11:model=PKCS%2315%20emulated;manufacturer=piv_II;serial=[…];token=PIV_II%20%28PIV%20Card%20Holder%20pin%29;id=%01;object=PIV%20AUTH%20key;type=private" -out req.pem -text -x509 -subj '/CN=Luke Faraone'
engine "pkcs11" set.
No private keys found.
PKCS#11 token PIN:
cobalt:/tmp/tmp.1Pc1kTLqDp$ cat req.pem
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
a7:78:4e:07:98:95:7d:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN = Luke Faraone
Validity
Not Before: May 13 20:07:39 2017 GMT
Not After : Jun 12 20:07:39 2017 GMT
Subject: CN = Luke Faraone
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
[…]
-----BEGIN CERTIFICATE-----
[…]
-----END CERTIFICATE-----
signature.asc
Description: This is a digitally signed message part
