Re: SSL connection failure: PKCS #11 error

2024-03-08 Thread David Woodhouse
On Fri, 2024-03-08 at 11:54 +0100, traxto...@gmail.com wrote: > > if I attempt the gnutls-cli command, I see the following. > gnutls-cli --x509certfile=cert.pem -- > x509keyfile="pkcs11:model=%01%01%04%00%02%01%02%00%00%00%00%00%00%00%00 > %00;manufacturer=STMicro;serial=;token=TL_

Re: SSL connection failure: PKCS #11 error

2024-03-08 Thread traxtopel
I changed the patch to just set. Still fails. inScheme.details.ecdsa.hashAlg = TPM2_ALG_SHA256;  digest.size = 32; if I attempt the gnutls-cli command, I see the following. gnutls-cli --x509certfile=cert.pem -- x509keyfile="pkcs11:model=%01%01%04%00%02%01%02%00%00%00%00%00%00%00%00 %00;manufactu

Re: SSL connection failure: PKCS #11 error

2024-03-07 Thread David Woodhouse
On 7 March 2024 19:03:33 GMT, traxto...@gmail.com wrote: >David, >tried to patch it no luck >i.e. >diff -ur openconnect-9.12.orig/gnutls_tpm2_esys.c openconnect- >9.12/gnutls_tpm2_esys.c >--- openconnect-9.12.orig/gnutls_tpm2_esys.c 2022-04-28 >17:58:05.0 +0200 >+++ openconnect-9.12/gnutl

Re: SSL connection failure: PKCS #11 error

2024-03-07 Thread traxtopel
David, tried to patch it no luck i.e. diff -ur openconnect-9.12.orig/gnutls_tpm2_esys.c openconnect- 9.12/gnutls_tpm2_esys.c --- openconnect-9.12.orig/gnutls_tpm2_esys.c2022-04-28 17:58:05.0 +0200 +++ openconnect-9.12/gnutls_tpm2_esys.c 2024-03-07 16:03:54.521631835 +0100 @@ -498,12 +49

Re: SSL connection failure: PKCS #11 error

2024-03-07 Thread David Woodhouse
On Wed, 2024-03-06 at 12:44 +0100, Grant Williamson wrote: > I am attempting to transition our existing environment of signed > Digicert certificates from RSA-4096 to ECC256. The digicert one > signing process appears to work. > When using a software-emulated TPM, the connection is successful. > >