Hello, OpenSSL 3.0.0 deprecated the support for using engines and introduced the concept of providers. If your package requires openssl-pkcs11 (libp11, engine_pkcs11), we recommend that you stop using it, and migrate to using the pkcs11-provider instead. We plan to deprecate and remove openssl-pkcs11 by Fedora 41
The pkcs11-provider [1] (available since Fedora 38) is an Openssl 3.0.0 provider designed to access Hardware or Software Tokens using the PKCS#11 Cryptographic Token Interface. To read more about the pkcs11-provider you can have a look at [2]- If you have any questions kindly start a discussion here [4] we are more than happy to help. List of packages that require openssl-pkcs11 - libssh, rng-tools, libp11-devel, freeipa-server-dns, bind-dyndb-ldap, cryptobone, nginx, apache2 Just a note that pkcs11-provider is a new project and we are working continuously to improve it and test it extensively. If you encounter any issues, feel free to report them upstream [3]. Thank you for your understanding and we are looking forward to your collaboration. [1] https://koji.fedoraproject.org/koji/packageinfo?packageID=37379 [2] https://github.com/latchset/pkcs11-provider. [3] https://github.com/latchset/pkcs11-provider/issues [4] https://github.com/latchset/pkcs11-provider/discussions
-- _______________________________________________ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue