I'm trying to create an OpenSSH key, derived from the TPM chip. I'm sure
my method is quite contrived, but I'm pressing on anyways. Except, I'm
stuck at this error, which I don't know how to get around. I try
following the README[1].
I can generate the tpm key fine:
$ create_tpm_key tpm.key
SRK Password:
Success.
But when I try to create the SSL cert, I get an 'unsupported algorithm'
error. (I used all default values for OpenSSL, as I'm just messing
around at the moment.)
$ openssl req -keyform engine -engine tpm -key tpm.key -new -x509 -days 265
-out cert
engine "tpm" set.
SRK authorization:
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:
State or Province Name (full name) [Some-State]:
Locality Name (eg, city) []:
Organization Name (eg, company) [Internet Widgits Pty Ltd]:
Organizational Unit Name (eg, section) []:
Common Name (eg, YOUR name) []:
Email Address []:
problems making Certificate Request
140681037248168:error:0B07806F:x509 certificate
routines:X509_PUBKEY_set:unsupported algorithm:x_pubkey.c:118:
By the way, if anyone is interested in how I was planning on converting
the OpenSSL certificate, I was planning on following [2], for better or
for worse. And, using that guide, I was hoping to generate a GPG key,
and actually start using PGP keys.
[1]:
http://trousers.git.sourceforge.net/git/gitweb.cgi?p=trousers/openssl_tpm_engine;a=blob;f=README
[2]:
http://sysmic.org/dotclear/index.php?post/2010/03/24/Convert-keys-betweens-GnuPG%2C-OpenSsh-and-OpenSSL
------------------------------------------------------------------------------
Automate Storage Tiering Simply
Optimize IT performance and efficiency through flexible, powerful,
automated storage tiering capabilities. View this brief to learn how
you can reduce costs and improve performance.
http://p.sf.net/sfu/dell-sfdev2dev
_______________________________________________
TrouSerS-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/trousers-users
