--- On Fri, 1/4/13, Wietse Venema <[email protected]> wrote:
> From: Wietse Venema <[email protected]> > Subject: Re: TLS Server Key on HSM > To: "Postfix users" <[email protected]> > Date: Friday, January 4, 2013, 9:12 AM > Harakiri: > > Is it possible to not only configure a key (pem) file > for the > > server key but also a location on a secure token ? E.g. > somehow > > set the openssl engine parameter for postfix instead of > using > > smtpd_tls_key_file? > > > > Is the same possible for client authentication (e.g. > sending to a > > domain which requires X.509 auth) > > All features are described in http://www.postfix.org/TLS_README.html > Is that another way of saying - NO HSM is not supported - because i read that document, there is no mentioning of openssl engine, or HSM. Here is the part: "If a certificate is to be presented, it must be in "PEM" format. The private key must not be encrypted, meaning: it must be accessible without password."
