Hi all, Following your advice, I achieved to create a request using a CA private key stored inside a ncipher module, but now when I try to create my certificate using my CA private key I've got this error :
openssl ca -engine chil -keyform engine -keyfile rsa-privateca -policy policy_anything -in server.req -config server.cnf -out server.pem engine "chil" set. Using configuration from server.cnf Loading 'screen' into random state - done CA certificate and CA private key do not match 1352:error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch:./crypto/x509/x509_cmp.c:284: I did this : * Put this in server.cnf and ca.cnf : engine = chil private_key = rsa-privateca # CA privatekey nfkminfo.exe -k hwcrhk Key listing AppName hwcrhk (2 keys): AppName hwcrhk Ident rsa-privateca AppName hwcrhk Ident rsa-privateserver * CA creation : openssl req -x509 -new -engine chil -key rsa-privateca -keyform engine -out cacert.pem -days 1825 -config ca.cnf OK * Server request generation using private key stored in ncipher module : openssl req -new -engine chil -key rsa-privateserver -keyform enigne -out server.req -config server.cnf OK openssl ca -engine chil -keyform engine -keyfile rsa-privateca -policy policy_anything -in server.req -config server.cnf -out server.pem NOK => see previous error message If you can help me you're welcome Thanks, -- Guillaume ___________________________________________________________ Do You Yahoo!? -- Une adresse @yahoo.fr gratuite et en français ! Yahoo! Mail : http://fr.mail.yahoo.com ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
