My understanding is there currently is no OpenSSL engine for the MacOSX chain
services.
It would be nice to have and I really wish I had time to collaborate on such
a project, using Stephen Henson's CAPI work as a template.
Currently I would suggest following the same model as OpenSSL for other
Hi,
I took the CAPI engine and extended it to give preference to NCrypt,
otherwise to revert to Crypto API. Implemented for RSA so far (no DSA or ECC
support though BoringSSL have done some ECC work for Windows I could look
at). Tested with RSA, on CNG and on Crypto API based systems. I tried to
Hi,
We have successfully been using the CAPI engine to provide OpenSSL client
cert authentication in environments where Windows Cryptographic Service
Providers (CSP) are used for private key storage.
But we also have a few environments that have migrated from CSP to a Windows
Key Storage