Is there any possibility of setting second argument here from config? SSL_CTX_set_client_cert_engine (SSL_CTX * ctx, ENGINE * )
I think at this point it's a Node issue not allowing for an engine to be used for the key...I know GOST works, but pretty sure that allows for a PrivateKey to be set. I am almost 100% that node is getting the cert, but failing to get the key from the engine, so it's throwing the error "no client cert method" and according to strace, my engine is loading, but this call in Node crypto is setting engine fine, but in the TLS connection, there is no PEM formatted key. One would think if cURL and s_client can work, NodeJs should also... It will probably end up being something silly :O Thanks, Erik -------- Original Message -------- From: Viktor Dukhovni <openssl-us...@dukhovni.org> Sent: Mon Jun 03 09:40:15 PDT 2019 To: openssl-users@openssl.org Subject: Re: osf-contact Striking out everywhere On Mon, Jun 03, 2019 at 04:41:47PM +0100, Matt Caswell wrote: > On 03/06/2019 15:16, Erik Madsen wrote: > > > Thanks for the reply! Is there any link for avail variables for > > openssl.conf? > > See: > > https://www.openssl.org/docs/man1.1.1/man5/config.html > > > > > [ssl_section] > > KeyForm = ENG > > > > no success...but at this point, honestly just scrambling. KeyForm is not a defined parameter for the SSL module. The supported parameters are listed in: https://www.openssl.org/docs/man1.1.1/man3/SSL_CONF_cmd.html -- Viktor.
