Dod wrote: > Hello Arno, > > Only one BEGIN/END section in each PEM that is only CERTIFICATE. > >> The private key must not neccessarily be an RSA key, do you see any >> other PRIVATE KEY section? > >> That's possible. AFAIK, OpenSSL supports PKCS11 only thru a dynamic >> Engine, to list current active engines you could type >> "openssl engine -v -t" on the command prompt. > > I do load the dynamic engine to make my connection sucessful and > access local certificate using "key 0:04000000" OpenSSL parameter. > > I found a PKCS11 library than can access all objects stored on the > SmartCard so may be I could use it to make my connection work thru > ICS if I can pass correct certificates to ICS.
ICS-SSL currently does not include openssl engine support, however that was just a matter of some hours work to translate the related C headers, but more work was required in order to wrap engine support nicely in a Delphi component. So at the time the only way is to use PEM files. I guess you made some mistake exporting the certificate and private key, try again, I currently don't recall the correct command line, however there are countless FAQ available on the net. -- Arno Garrels > > Regards. -- To unsubscribe or change your settings for TWSocket mailing list please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
