[openssl.org #2463] [PATCH]: OpenSSL 1.0.0d: Add abbility to load server certificate by ENGINE.

Wed, 02 Mar 2011 02:27:56 -0800 

Hello,

Please find file attached: server_cert_from_engine4.patch
This is a patch to allow loading server SSL certificate by ENGINE.

Currently OpenSSL allows loading certificate only from a file.
Loading by specific engine is required for hardware-based engines, which
used their own certificate storages, as well as any Microsoft CAPI-based
CSP.

Although there is no such engines implemented for OpenSSL yet, sooner it
will.

Affected files:

apps/apps.c
apps/s_server.c
crypto/engine/engine.h
crypto/engine/eng_int.h
crypto/engine/eng_pkey.c

Patch created using this command:
diff -rupN openssl-1.0.0d/ openssl-1.0.0d-engine-srv-cert/ >
server_cert_from_engine4.patch



To apply pach use follwing command in current OpenSSL root dev. directory:

patch -p1 -l -u -b -i server_cert_from_engine4.patch


After applying this patch s_server will accept "-certform ENGINE" option.

This patch supplied by Stonesoft Corporation, who give me permission to
supply it to OpenSSL.

Feel free to contact with me with any related questions.

Andrey.
Hello,

Please find file attached: server_cert_from_engine4.patch
This is a patch to allow loading server SSL certificate by ENGINE.

Currently OpenSSL allows loading certificate only from a file.
Loading by specific engine is required for hardware-based engines, which used their own certificate storages, as well as any Microsoft CAPI-based CSP.

Although there is no such engines implemented for OpenSSL yet, sooner it will.

Affected files:

apps/apps.c
apps/s_server.c
crypto/engine/engine.h
crypto/engine/eng_int.h
crypto/engine/eng_pkey.c

Patch created using this command:
diff -rupN openssl-1.0.0d/ openssl-1.0.0d-engine-srv-cert/ > server_cert_from_engine4.patch



To apply pach use follwing command in current OpenSSL root dev. directory:

patch -p1 -l -u -b -i server_cert_from_engine4.patch


After applying this patch s_server will accept "-certform ENGINE" option.

This patch supplied by Stonesoft Corporation, who give me permission to supply it to OpenSSL.

Feel free to contact with me with any related questions.

Andrey.

Attachment: server_cert_from_engine4.patch
Description: Binary data

Reply via email to