On Wed, Dec 05, 2012, Ashok C wrote: > Hi, > > Our current SSL server loads plain-text private keys using the > SSL_CTX_use_PrivateKey_file() > method. We are moving from this strategy to use custom encrypted private > keys using the TPM concept. For this, we have an engine implemented. Now > the question is this. > > Does my SSL server need to change from loading private keys using > SSL_CTX_use_PrivateKey_file() > method to use this method --> ENGINE_load_private_key(ENGINE *e, const char > *key_id, > > UI_METHOD *ui_method, void *callback_data) > >
You can't use SSL_CTX_use_PrivateKey_file to load an ENGINE specific key. Instead you use ENGINE_load_private_key() to load the key into an EVP_PKEY structure and then pass that to SSL_CTX_use_PrivateKey(). Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org