[openssl-dev] Using openssl with a remote private key

Fedor Indutny fedor at indutny.com
Tue Mar 17 17:37:04 UTC 2015


Hello Tigran!

I was using:

https://github.com/indutny/bud/compare/master...feature/async-key-ex

for quite a long time now. It seems that you have your own solution, but
I posted it here anyway in case you are interested.

Cheers!

On Tue, Mar 17, 2015 at 8:44 AM, Tigran Gyonjyan (BLOOMBERG/ 731 LEX) <
tgyonjyan at bloomberg.net> wrote:

> Hi there!
>
> Recently I had to work on an openssl project where due to security
> requirements I had to place the private key for the server certificate on
> another machine. In order to be able to make openssl ignore the fake
> private key in the certificate I had to "hack" some data structures to
> delegate the handshake decrypt to the remote machine so that the handshake
> could succeed.
>
> I was wondering if this capability to delegate the decrypt function can be
> useful enough to incorporate into the official version.
> In cases when the client and the server are located on the user's machine,
> it is a risk to keep the private key on that machine.
>
> Let me know if there is a better solution for this problem.
>
> Cheers,
> Tigran