-inkey and engines

by Russell Leake (leaker)

Hello all,
        I'm trying to create an engine which interfaces to an HSM.  I
have successfully created a skeleton for my engine but I'm running into
a fundamental problem with the argument "privkey."  An example might
help tee up the question.  The command "rsautl -sign" requires the
argument "-inkey".  While this makes sense if I'm invoking openssl with
a local private key file, I'm having trouble understanding how this
would fit in when the key is held remotely (HSM).  I've seen a reference
that the private key file can be a "pointer" so that the engine/HSM can
address the appropriate key (label).
        I would have thought that all external arguments would have been
passed when the engine is referenced through -pre.  But, maybe there is
an easier way.

Thanks in advance!
Russell
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@...
Automated List Manager                           majordomo@...
