-keyform ENG and NodeJS
Viktor Dukhovni
openssl-users at dukhovni.org
Mon Jun 3 02:14:29 UTC 2019
> On Jun 2, 2019, at 9:47 PM, Erik Madsen <emadsen at hbmachining.com> wrote:
>
> It is TLS and we want Root Of Trust from a non exportable, non readable Private key on the Hardware Security Module.
>
> By explicitly adding "-keyform ENG" s_client works perfectly.
>
> And with cURL "--key-type ENG" also works
>
> NodeJs crypto module has setEngine but there's no option for passing keyform.
>
> I requested from NodeJs team as well, but if we can do something to tell openssl "keyform is always ENG" I think maybe that would work.
If nobody on the list finds something I missed, a feature
request on Github is the next step, or you could do that
right away.
[ Some on the team prefer to track issues on Github from
the outset, I prefer to resolve routine questions on the
list, and move to Github when it is clear that developer
action will be needed to resolve the issue. The workflow
preference is matter of taste... ]
--
Viktor.
More information about the openssl-users
mailing list