On Wednesday, December 5, 2012, Ashok C <ash....@gmail.com> wrote:
> Hi,
> Our current SSL server loads plain-text private keys using
the SSL_CTX_use_PrivateKey_file() method. We are moving from this strategy
to use custom encrypted private keys using the TPM concept. For this, we
have an engine implemented. Now the question is this.
> Does my SSL server need to change from loading private keys
using SSL_CTX_use_PrivateKey_file() method to use this method
--> ENGINE_load_private_key(ENGINE *e, const char *key_id,
>
> UI_METHOD *ui_method, void *callback_data)
>
> Or can this be achieved by using the SSL_CTX_use_PrivateKey_file() method
itself and the openssl takes care of loading my encrypted private key with
the help of my implemented engine. Basically wanted to understand if the
SSL_CTX method for loading private keys has the support for loading engine
specific keys.
>
> --
>
> Ashok
>
