> If the MS-CAPI Engine can generate keys, you might be able to use it through > the nCipher CSP to generate hardware protected Signing and Exchange keypairs > for your CAPI container.
I just accomplished this by making use of the nCipher CSP and their command line utility "keytst" to generate a container and Signing and Exchange key pairs within that container. A little glitch that I ran into was the permissions on the created container file. When issuing "keytst -c fooContainer", a container got created but I was unable to access it using subsequence keytst commands. I noticed in the KM_LOCAL directory that there is a lock against the icon for the container file. For now, I manually changed the permissions to allow Administrator full access to the file and this way I was able to generate keys within the created container. Now onto using CryptoAPI for integration with OpenSSL. I'll post my queries on that in a different thread, since this one started off talking about using the CHIL API. Thanks, Sunjeet ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
