Yes I would be happy to include HAProxy with pkcs11-provider examples. On Thu, 21 Mar 2024, 16:43 William Lallemand, <wlallem...@haproxy.com> wrote:
> On Thu, Mar 21, 2024 at 10:39:58AM +0800, Richard Chan wrote: > > Subject: Re: [PR] FEATURE: load private keys from PKCS#11 > pkcs11-provider PEM files > > On Thu, 21 Mar 2024, 00:15 William Lallemand, <wlallem...@haproxy.com> > wrote > > > > > > > > We made test in the past with the TPM2 provider which also uses a URI > in > > > the privatekey: > > > > > > > https://github.com/haproxy/wiki/wiki/OpenSSL-Providers-in-HAProxy#tpm2-provider > > > > > > Further testing shows that this PR is not needed. Sorry for the noise. > > > > There is a glitch in pkcs11-provider that requires the private key to be > > the first PEM object. Apart from this HAProxy loads the private key with > > no issues. > > > > Okay that's good to read :-) > > Would you be interested in contributing on the OpenSSL providers wiki > page? We could have a pkcs11 section like the one we already have for > the TPM2 provider. > > Regards, > > -- > William Lallemand >
