Problems with engine-pkcs11

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

Problems with engine-pkcs11

lSDriim
This post has NOT been accepted by the mailing list yet.
After installing the engine and add it to the configuration file, as described here, stops working authentication with certificate from a file.
If I understand correctly, then work through the openssl engine-pkcs11 need to explicitly specify it as backend'a (engine pkcs11) and then certificates will be taken with
smart card. But if I want to just authenticate(https) explicitly specify the path to the certificate (files) and not specifying as backend pkcs11 I get an error:

error:14099006:SSL routines:SSL3_SEND_CLIENT_VERIFY:EVP lib


And if you edit the configuration file so that would not have seen this openssl engine, everything works fine.



Command I run:

curl -k -v -o index --cert /usr/lib/ssl/certs/person.crt --key /usr/lib/ssl/private/person.key https://{site}.net/test.a