osf-contact Striking out everywhere

Erik Madsen emadsen at hbmachining.com
Mon Jun 3 17:03:56 UTC 2019


Is there any possibility of setting second argument here from config?

SSL_CTX_set_client_cert_engine (SSL_CTX * ctx, ENGINE * )

I think at this point it's a Node issue not allowing for an engine to be used for the key...I know GOST works, but pretty sure that allows for a PrivateKey to be set.

I am almost 100% that node is getting the cert, but failing to get the key from the engine, so it's throwing the error "no client cert method" and according to strace, my engine is loading, but this call in Node crypto is setting engine fine, but in the TLS connection, there is no PEM formatted key.

One would think if cURL and s_client can work, NodeJs should also...

It will probably end up being something silly :O

⁣Thanks,

Erik​


-------- Original Message --------
From: Viktor Dukhovni <openssl-users at dukhovni.org>
Sent: Mon Jun 03 09:40:15 PDT 2019
To: openssl-users at openssl.org
Subject: Re: osf-contact Striking out everywhere

On Mon, Jun 03, 2019 at 04:41:47PM +0100, Matt Caswell wrote:

> On 03/06/2019 15:16, Erik Madsen wrote:
>
> > Thanks for the reply! Is there any link for avail variables for openssl.conf? 
> 
> See:
> 
> https://www.openssl.org/docs/man1.1.1/man5/config.html
> 
> > 
> > [ssl_section]
> > KeyForm = ENG
> > 
> > no success...but at this point, honestly just scrambling.

KeyForm is not a defined parameter for the SSL module.  The
supported parameters are listed in:

    https://www.openssl.org/docs/man1.1.1/man3/SSL_CONF_cmd.html

-- 
	Viktor.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20190603/c30920e0/attachment.html>


More information about the openssl-users mailing list