On 09/16/2017 12:18 AM, Dr. Stephen Henson wrote:
> On Fri, Sep 15, 2017, Anton Gerasimov wrote:
>
>> So it turns out load_privkey() function of engine_pkcs11.so sets pub_key
>> in the returned 'struct ec_key_st' to NULL. Is it a failure inside
>> engine_pkcs11.so?
>>
> Well sort of. OpenSSL
On Fri, Sep 15, 2017, Anton Gerasimov wrote:
> So it turns out load_privkey() function of engine_pkcs11.so sets pub_key
> in the returned 'struct ec_key_st' to NULL. Is it a failure inside
> engine_pkcs11.so?
>
Well sort of. OpenSSL requires that public key components are set for private
keys
So it turns out load_privkey() function of engine_pkcs11.so sets pub_key
in the returned 'struct ec_key_st' to NULL. Is it a failure inside
engine_pkcs11.so?
Thanks,
Anton Gerasimov
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Greetings,
I'm trying to make OpenSSL (v. 1.0.2j) get client certificate/private
key from a virtual PKCS#11 device, namely SoftHSM. I've imported a
certificate and private key into SoftHSM, configured openssl as
following and run
openssl s_client -engine pkcs11 -connect mydomain.com:443