Hi Michael, >> This always expands to "-engine chil -keyform engine" in all >> OpenSSL commands that are using private keys, breaking most of >> the Perl module's member functions. >> (LunaCA3 even uses an -enginearg parameter. Does this really work?) > > Chrysalis-ITS (now SafeNet) does not only publish an engine. They publish > a completely patched OpenSSL. Therefore they can use other parameters.
OK I see, so we need no special handling for this. > - we should remove "-keyform engine" from the ENGINE argument and > implement > an automatic detection for an engine in the functions > $cmd .= " -keyform engine" if ($self->{ENGINE}); > This we can add to the three relevant commands and we have not to extend > the interface > > What do you think about this third option, Martin? Sounds good, I'm completely with you... Two more minor issues: First (this may be a SuSE packaging problem), the sample token.xml file references the openca-sv in /usr/local/openca-0.9.2/bin, wheras the RPM installs the binary to /usr/local/bin. I needed to modify this manually in token.xml. Second, the openca-sv also needs the -engine parameter. I worked around it by specifying the required '-engine chil' argument in token.xml. Not pretty but works. Is this the way to go? Martin ------------------------------------------------------- This SF.Net email is sponsored by: Oracle 10g Get certified on the hottest thing ever to hit the market... Oracle 10g. Take an Oracle 10g class now, and we'll give you the exam FREE. http://ads.osdn.com/?ad_id=3149&alloc_id=8166&op=click _______________________________________________ OpenCA-Devel mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/openca-devel