On Thu, Mar 21, 2024 at 10:39:58AM +0800, Richard Chan wrote: > Subject: Re: [PR] FEATURE: load private keys from PKCS#11 pkcs11-provider PEM > files > On Thu, 21 Mar 2024, 00:15 William Lallemand, <wlallem...@haproxy.com> wrote > > > > > We made test in the past with the TPM2 provider which also uses a URI in > > the privatekey: > > > > https://github.com/haproxy/wiki/wiki/OpenSSL-Providers-in-HAProxy#tpm2-provider > > > Further testing shows that this PR is not needed. Sorry for the noise. > > There is a glitch in pkcs11-provider that requires the private key to be > the first PEM object. Apart from this HAProxy loads the private key with > no issues. >
Okay that's good to read :-) Would you be interested in contributing on the OpenSSL providers wiki page? We could have a pkcs11 section like the one we already have for the TPM2 provider. Regards, -- William Lallemand
