On Thu, Apr 12, 2007, John Dickinson wrote: > Hi, > > Does anyone have any examples/advice on configuring openssl on the fly. So > far I have used OPENSSL_config() to load a config file like this. > > [openssl_def] > engines = engine_section > > [engine_section] > pkcs11 = pkcs11_section > > [pkcs11_section] > engine_id = pkcs11 > dynamic_path = /opt/engine_pkcs11-0.1.3/lib/engines/engine_pkcs11.so > MODULE_PATH = /usr/lib/libpkcs11.so > PIN = nominet1:abc123 > init = 0 > > The config contains the PIN needed to access a keystore but I would prefer > to prompt the user for the pin. I guess I could do something with > CONF_modules_load but have the feeling that there must be an easier or > more elegant way! >
The configuration is sending a sequence of control commands to the ENGINE. So if you send an ENGINE ctrl to the "pkcs11" engine with name "PIN" and value "whatever_PIN" it should work. There might be a way to prompt for the PIN as well: check the specific doc for that ENGINE. Steve. -- Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage OpenSSL project core developer and freelance consultant. Funding needed! Details on homepage. Homepage: http://www.drh-consultancy.demon.co.uk ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
