any thoughts here?
On 6/3/19 10:03 AM, Erik Madsen wrote:
Is there any possibility of setting second argument here from config?
SSL_CTX_set_client_cert_engine (SSL_CTX * ctx, ENGINE * )
I think at this point it's a Node issue not allowing for an engine to
be used for the key...I know GOST works, but pretty sure that allows
for a PrivateKey to be set.
I am almost 100% that node is getting the cert, but failing to get the
key from the engine, so it's throwing the error "no client cert
method" and according to strace, my engine is loading, but this call
in Node crypto is setting engine fine, but in the TLS connection,
there is no PEM formatted key.
One would think if cURL and s_client can work, NodeJs should also...
It will probably end up being something silly :O
Thanks,
Erik
------------------------------------------------------------------------
*From:* Viktor Dukhovni
*Sent:* Mon Jun 03 09:40:15 PDT 2019
*To:* openssl-users@openssl.org
*Subject:* Re: osf-contact Striking out everywhere
On Mon, Jun 03, 2019 at 04:41:47PM +0100, Matt Caswell wrote:
On 03/06/2019 15:16, Erik Madsen wrote:
Thanks for the reply! Is there any link for avail variables
for openssl.conf?
See: https://www.openssl.org/docs/man1.1.1/man5/config.html
[ssl_section] KeyForm = ENG no success...but at this point,
honestly just scrambling.
KeyForm is not a defined parameter for the SSL module. The
supported parameters are listed in:
https://www.openssl.org/docs/man1.1.1/man3/SSL_CONF_cmd.html