Hi,
I have use openssl-1.0.0 and engine_pkcs11 for storing an rsa private
key in a smartcard (feitian epass 3000). I got openssl to access the rsa
private key and used it to create a self-signed certificate like this:
openssl
OpenSSL> engine dynamic \
> -pre SO_PATH:/home/ds/local/lib/engines/engine_pkcs11.so \
> -pre ID:pkcs11 -pre LIST_ADD:1 -pre LOAD \
> -pre MODULE_PATH:opensc-pkcs11.so
(dynamic) Dynamic engine loading support
[Success]: SO_PATH:/home/ds/local/lib/engines/engine_pkcs11.so
[Success]: ID:pkcs11
[Success]: LIST_ADD:1
[Success]: LOAD
[Success]: MODULE_PATH:opensc-pkcs11.so
Loaded: (pkcs11) pkcs11 engine
OpenSSL> req -new -x509 -engine pkcs11 -keyform engine -text \
> -key slot_1-id_6de677f53533e28254d5890e2d7a15a8135883ca \
engine "pkcs11" set.
PKCS#11 token PIN:
<Certificate related prompts...>
So far so good.
Now, I would like this engine to install automatically i.e. without
having to run the engine command. I tried adding the following to
openssl.cnf
##########################
openssl_conf = openssl_def
[ openssl_def ]
engines = engine_section
[ engine_section ]
pkcs11 = pkcs11_section
[ pkcs11_section ]
engine_id = pkcs11
dynamic_path = /home/ds/local/lib/engines/engine_pkcs11.so
MODULE_PATH = opensc-pkcs11.so
init = 0
##########################
but it doesn't work properly. Here's what I get:
$ openssl engine -t
(dynamic) Dynamic engine loading support
[ unavailable ]
(4758cca) IBM 4758 CCA hardware engine support
[ unavailable ]
(aep) Aep hardware engine support
[ unavailable ]
(atalla) Atalla hardware engine support
[ unavailable ]
(cswift) CryptoSwift hardware engine support
[ unavailable ]
(chil) CHIL hardware engine support
[ unavailable ]
(nuron) Nuron hardware engine support
[ unavailable ]
(sureware) SureWare hardware engine support
[ unavailable ]
(ubsec) UBSEC hardware engine support
[ unavailable ]
(padlock) VIA PadLock (no-RNG, no-ACE)
[ unavailable ]
(gost) Reference implementation of GOST engine
[ available ]
(pkcs11) pkcs11 engine
Auto configuration failed
1116888:error:260B606D:engine routines:DYNAMIC_LOAD:init
failed:eng_dyn.c:521:
1116888:error:260BC066:engine routines:INT_ENGINE_CONFIGURE:engine
configuration error:eng_cnf.c:204:section=pkcs11_section,
name=dynamic_path, value=/home/ds/local/lib/engines/engine_pkcs11.so
1116888:error:0E07606D:configuration file routines:MODULE_RUN:module
initialization error:conf_mod.c:235:module=engines,
value=engine_section, retcode=-1
Can someone shed some light into this?
Thank you,
Dimitrios Siganos
_______________________________________________
opensc-devel mailing list
opensc-devel@lists.opensc-project.org
http://www.opensc-project.org/mailman/listinfo/opensc-devel
