If the MS-CAPI Engine can generate keys, you might be able to use it through
the nCipher CSP to generate hardware protected Signing and Exchange keypairs
for your CAPI container.
I just accomplished this by making use of the nCipher CSP and their command
line utility keytst to generate a
Hi Sander,
Thank you for your elaborate response. It has helped me a great deal.
A follow-up question-
fookey
fookey_certreq
fookey_selfcert
The first one looks a lot like a private key, but it is a dummy key. This is
the key file you pass to the OpenSSL library. It looks so much
None of the above ;-)
If you have the CHIL ENGINE you load a private key using
ENGINE_load_private_key() and pass the appropriate ENGINE pointer and the name
of the key which will presumably be rsa-test.
That will get you an EVP_PKEY pointer which you can pass to
On Mar 6, 2012, at 10:45 AM, Sunjeet Singh wrote:
Hi,
Most of the references on this forum on how to use nCipher HSM with OpenSSL
using the CHIL API (or CAPI) are outdated. I was wondering if anyone had any
pointers to helpful resources in this regard.
I don't know if outdated is the
Thank you for your response.
I don't know if outdated is the word: perhaps there hasn't ever been much.
Some old blogs are referencing helpful blogs/tutorials that are now expired.
Searching online didn't help either.
The CHIL Engine *only* registers for RSA exponentiation, and cannot be
Greetings again, I'm back with another question. Any help will be much
appreciated-
My OpenSSL Application uses the OpenSSL C function call-
SSL_CTX_use_certificate_chain_file( sslCtx, keyFile );
where keyFile is the path to a .PEM file containing the private key and
certificate.
But
On Wed, Mar 07, 2012, Sunjeet Singh wrote:
Greetings again, I'm back with another question. Any help will be much
appreciated-
My OpenSSL Application uses the OpenSSL C function call-
SSL_CTX_use_certificate_chain_file( sslCtx, keyFile );
where keyFile is the path to a .PEM file
On Mar 7, 2012, at 2:12 PM, Sunjeet Singh wrote:
Thank you for your response.
I don't know if outdated is the word: perhaps there hasn't ever been much.
Some old blogs are referencing helpful blogs/tutorials that are now expired.
Searching online didn't help either.
The CHIL Engine
