Welcome! Log In Create A New Profile

Advanced

Re: patch to allow loading PKCS #11 URLs

Nikos Mavrogiannopoulos
June 19, 2015 10:40AM
On Fri, 2015-06-19 at 17:07 +0300, Maxim Dounin wrote:
>
> Have you tried
> ssl_certificate_key
> "engine:pkcs11:model=SoftHSM%20v2serial=f0490bea35;pin-value=1234";
> instead?
> I don't see how it's different from the code you propose.

Hi,
Yes, I've tried it. It would be specified as:
"engine:pkcs11:pkcs11:model=SoftHSM%20v2serial=f0490bea35;pin
-value=1234";

But doesn't work, because it doesn't initialize the pkcs11 engine.
Furthermore, the "engine:pkcs11:pkcs11:" approach defeats the purpose
of PKCS #11 URLs which is to use the same string to identify the same
keys on all applications.

regards,
Nikos

_______________________________________________
nginx-devel mailing list
nginx-devel@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx-devel
Subject Author Views Posted

patch to allow loading PKCS #11 URLs

Nikos Mavrogiannopoulos 1073 June 19, 2015 09:50AM

Re: patch to allow loading PKCS #11 URLs

Maxim Dounin 450 June 19, 2015 10:08AM

Re: patch to allow loading PKCS #11 URLs

Nikos Mavrogiannopoulos 433 June 19, 2015 10:40AM

Re: patch to allow loading PKCS #11 URLs

Maxim Dounin 471 June 21, 2015 09:12PM

Re: patch to allow loading PKCS #11 URLs

Nikos Mavrogiannopoulos 861 June 22, 2015 05:08AM

Re: patch to allow loading PKCS #11 URLs

Nikos Mavrogiannopoulos 460 June 24, 2015 09:28AM

Re: patch to allow loading PKCS #11 URLs

Maxim Dounin 538 July 05, 2015 08:02PM

enhanced pkcs11 patch [was: patch to allow loading PKCS #11 URLs]

Nikos Mavrogiannopoulos 469 July 15, 2015 02:22AM



Sorry, you do not have permission to post/reply in this forum.

Online Users

Guests: 299
Record Number of Users: 8 on April 13, 2023
Record Number of Guests: 500 on July 15, 2024
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready