-keyform ENG and NodeJS
Erik Madsen
emadsen at hbmachining.com
Mon Jun 3 02:19:48 UTC 2019
https://github.com/nodejs/help/issues/1622
Here is a more detailed explanation of how NodeJS is failing...I posted in November, but we are close to production, so scrambling to find solutions
Thanks so much for the help.
-------- Original Message --------
From: Viktor Dukhovni <openssl-users at dukhovni.org>
Sent: Sun Jun 02 19:14:29 PDT 2019
To: "openssl-users at openssl.org" <openssl-users at openssl.org>
Subject: Re: -keyform ENG and NodeJS
> On Jun 2, 2019, at 9:47 PM, Erik Madsen <emadsen at hbmachining.com> wrote:
>
> It is TLS and we want Root Of Trust from a non exportable, non readable Private key on the Hardware Security Module.
>
> By explicitly adding "-keyform ENG" s_client works perfectly.
>
> And with cURL "--key-type ENG" also works
>
> NodeJs crypto module has setEngine but there's no option for passing keyform.
>
> I requested from NodeJs team as well, but if we can do something to tell openssl "keyform is always ENG" I think maybe that would work.
If nobody on the list finds something I missed, a feature
request on Github is the next step, or you could do that
right away.
[ Some on the team prefer to track issues on Github from
the outset, I prefer to resolve routine questions on the
list, and move to Github when it is clear that developer
action will be needed to resolve the issue. The workflow
preference is matter of taste... ]
--
Viktor.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20190602/5307c665/attachment.html>
More information about the openssl-users
mailing list