Welcome! Log In Create A New Profile

Advanced

PKCS#11 key not properly supported?

Ali Kiaian
February 25, 2016 03:36AM
I'll try to keep this message simple.

E.G this command will work using the new version of engine_pkcs11:

sudo openssl req -engine pkcs11 -new -key
"pkcs11:model=SoftHSM;manufacturer=SoftHSM;serial=1;token=;id=%d4%b1%6d%62%5f%8c%f4%ec%19%05%0e%bc%2e%a0%9e%0f%d3%f1%2f%87;object=cakey;object-type=private;pin-value=1111"
-keyform engine -out req.pem -text -x509 -subj "/CN=Test"

But this will result in error:

ssl_certificate_key
"engine:pkcs11:pkcs11:model=SoftHSM;manufacturer=SoftHSM;serial=1;token=;id=%d4%b1%6d%62%5f%8c%f4%ec%19%05%0e%bc%2e%a0%9e%0f%d3%f1%2f%87;object=cakey;object-type=private;pin-value=1111";

The error message is:

nginx: [emerg]
ENGINE_load_private_key("pkcs11:model=SoftHSM;manufacturer=SoftHSM;serial=1;token=;id=%d4%b1%6d%62%5f%8c%f4%ec%19%05%0e%bc%2e%a0%9e%0f%d3%f1%2f%87;object=cakey;object-type=private;pin-value=1111")
failed (SSL: error:26096075:engine routines:ENGINE_load_private_key:not
initialised)

Any help regarding this is appreciated, Thanks.
_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
Subject Author Posted

PKCS#11 key not properly supported?

Ali Kiaian February 25, 2016 03:36AM



Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 79
Record Number of Users: 6 on February 13, 2018
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready