|

Computer Security

»

Encryption and Cryptography

»

»

How to make OpenCA use OpenSSL engine?

View: New views

5 Messages — Rating Filter: Alert me

	How to make OpenCA use OpenSSL engine? by Allen Liu (allliu) :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message How to make OpenCA use OpenSSL engine? Hi, I’m new to OpenCA and trying to configure OpenCA to use OpenSSL engine. Is there a document or examples on this? Can some one give me a pointer? I’d appreciate it! Thanks a lot! Allen ------------------------------------------------------------------------------ Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day trial. Simplify your report design, integration and deployment - and focus on what you do best, core application coding. Discover what's new with Crystal Reports now. http://p.sf.net/sfu/bobj-july _______________________________________________ Openca-Users mailing list Openca-Users@... https://lists.sourceforge.net/lists/listinfo/openca-users
	Re: How to make OpenCA use OpenSSL engine? by John A. Sullivan III :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message On Thu, 2009-09-03 at 16:13 -0700, Allen Liu wrote: > Hi, > > I’m new to OpenCA and trying to configure OpenCA to use OpenSSL > engine. Is there a document or examples on this? > Can some one give me a pointer? I’d appreciate it! <snip> Hmmm . . . I thought it did that by default. Not sure, though - John -- John A. Sullivan III Open Source Development Corporation +1 207-985-7880 jsullivan@... http://www.spiritualoutreach.com Making Christianity intelligible to secular society ------------------------------------------------------------------------------ Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day trial. Simplify your report design, integration and deployment - and focus on what you do best, core application coding. Discover what's new with Crystal Reports now. http://p.sf.net/sfu/bobj-july _______________________________________________ Openca-Users mailing list Openca-Users@... https://lists.sourceforge.net/lists/listinfo/openca-users
	Re: How to make OpenCA use OpenSSL engine? by Allen Liu (allliu) :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message No, it's not. OpenSSL ENGINE is a loadable module for talking to HSM (hardware Secure Module) or smart card through PKCS 11 in order to utilize keys stored inside as well as hardware-implementated algorithms. I know how to use OpenSSL ENGINE to talk to HSM but don't know to make OpenCA use ENGINE. Thanks, Allen On 9/3/09 5:00 PM, "John A. Sullivan III" <jsullivan@...> wrote: > On Thu, 2009-09-03 at 16:13 -0700, Allen Liu wrote: > Hi, > > I¹m new to > OpenCA and trying to configure OpenCA to use OpenSSL > engine. Is there a > document or examples on this? > Can some one give me a pointer? I¹d appreciate > it! <snip> Hmmm . . . I thought it did that by default. Not sure, though - > John -- John A. Sullivan III Open Source Development Corporation +1 > 207-985-7880 jsullivan@... http://www.spiritualoutreach.com M > aking Christianity intelligible to secular > society -------------------------------------------------------------------- > ---------- Let Crystal Reports handle the reporting - Free Crystal Reports > 2008 30-Day trial. Simplify your report design, integration and deployment - > and focus on what you do best, core application coding. Discover what's new > with Crystal Reports now. > http://p.sf.net/sfu/bobj-july _______________________________________________ > Openca-Users mailing > list Openca-Users@... https://lists.sourceforge.net/lists/li > stinfo/openca-users ------------------------------------------------------------------------------ Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day trial. Simplify your report design, integration and deployment - and focus on what you do best, core application coding. Discover what's new with Crystal Reports now. http://p.sf.net/sfu/bobj-july _______________________________________________ Openca-Users mailing list Openca-Users@... https://lists.sourceforge.net/lists/listinfo/openca-users
	Re: How to make OpenCA use OpenSSL engine? by Ralf Hornik Mailings :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message Hi, when your HSM has an engine for Openssl you can attach the HSM in tokens.xml like OpenSC token. Look for OpenSC in tokens.xml and create one for your HSM as similar. Regards Ralf Allen Liu <allliu@...> wrote: > No, it's not. > > OpenSSL ENGINE is a loadable module for talking to HSM (hardware Secure > Module) or smart card through PKCS 11 in order to utilize keys stored inside > as well as hardware-implementated algorithms. > > I know how to use OpenSSL ENGINE to talk to HSM but don't know to make > OpenCA use ENGINE. > > > Thanks, > Allen > > On 9/3/09 5:00 PM, "John A. Sullivan III" <jsullivan@...> > wrote: > >> On Thu, 2009-09-03 at 16:13 -0700, Allen Liu wrote: >> Hi, >> >> I¹m new to >> OpenCA and trying to configure OpenCA to use OpenSSL >> engine. Is there a >> document or examples on this? >> Can some one give me a pointer? I¹d appreciate >> it! > <snip> > Hmmm . . . I thought it did that by default. Not sure, though - >> John > -- > John A. Sullivan III > Open Source Development Corporation > +1 >> 207-985-7880 > jsullivan@... > > http://www.spiritualoutreach.com > M >> aking Christianity intelligible to secular >> society > > > -------------------------------------------------------------------- >> ---------- > Let Crystal Reports handle the reporting - Free Crystal Reports >> 2008 30-Day > trial. Simplify your report design, integration and deployment - >> and focus on > what you do best, core application coding. Discover what's new >> with > Crystal Reports now. >> http://p.sf.net/sfu/bobj-july > _______________________________________________ > >> Openca-Users mailing >> list > Openca-Users@... > https://lists.sourceforge.net/lists/li >> stinfo/openca-users > > > > ------------------------------------------------------------------------------ > Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day > trial. Simplify your report design, integration and deployment - and focus on > what you do best, core application coding. Discover what's new with > Crystal Reports now. http://p.sf.net/sfu/bobj-july > _______________________________________________ > Openca-Users mailing list > Openca-Users@... > https://lists.sourceforge.net/lists/listinfo/openca-users > -- alles bleibt anders... ------------------------------------------------------------------------------ Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day trial. Simplify your report design, integration and deployment - and focus on what you do best, core application coding. Discover what's new with Crystal Reports now. http://p.sf.net/sfu/bobj-july _______________________________________________ Openca-Users mailing list Openca-Users@... https://lists.sourceforge.net/lists/listinfo/openca-users
	Re: How to make OpenCA use OpenSSL engine? by Massimiliano Pala-3 :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message Hi Allen, as Ralf said, check the OpenSC token in the tokens.xml configuration - it is quite easy to setup the Engine. One small warning: if you are using the engine for accessing a P11 device, be careful that when you generate keys with that, the key is actually generated in software and then stored on the device (instead of using the PKCS11 key generation on hardware directly...). Later, Max On 09/03/2009 08:39 PM, Allen Liu wrote: > No, it's not. > > OpenSSL ENGINE is a loadable module for talking to HSM (hardware Secure > Module) or smart card through PKCS 11 in order to utilize keys stored inside > as well as hardware-implementated algorithms. > > I know how to use OpenSSL ENGINE to talk to HSM but don't know to make > OpenCA use ENGINE. -- Best Regards, Massimiliano Pala --o------------------------------------------------------------------------ Massimiliano Pala [OpenCA Project Manager] openca@... project.manager@... Dartmouth Computer Science Dept Home Phone: +1 (603) 369-9332 PKI/Trust Laboratory Work Phone: +1 (603) 646-8734 --o------------------------------------------------------------------------ People who think they know everything are a great annoyance to those of us who do. -- Isaac Asimov ------------------------------------------------------------------------------ Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day trial. Simplify your report design, integration and deployment - and focus on what you do best, core application coding. Discover what's new with Crystal Reports now. http://p.sf.net/sfu/bobj-july _______________________________________________ Openca-Users mailing list Openca-Users@... https://lists.sourceforge.net/lists/listinfo/openca-users smime.p7s (4K) Download Attachment