Page tree

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  1. Создать файл конфигурации engine.conf со следующим содержимым:

    Code Block
    languagebash
    openssl_conf = openssl_init

    
    
    [openssl_init]

    
    engines = engine_section

    
    
    [engine_section]

    
    pkcs11 = pkcs11_section

    
    
    [pkcs11_section]

    
    engine_id = pkcs11

    
    dynamic_path = /path/to/engine_pkcs11.so //например, /usr/lib/x86_64-linux-gnu/engines-1.1/pkcs11.so

    
    MODULE_PATH = /path/to/rtpkcs11ecp.so //например, /usr/lib/librtpkcs11.so

    
    default_algorithms = ALL 

          

  2. При необходимости использовать pkcs11 engine указывать путь к файлу конфигурации engine.conf, например:
    Code Block
    languagebash
    $ OPENSSL_CONF=/path/to/engine.conf openssl req -engine pkcs11 -x509 -new -key 0:45 -keyform engine -out client.pem -subj "/C=RU/ST=Moscow/L=Moscow/O=Aktiv/OU=dev/CN=testuser/emailAddress=
    testuser@mail
    testuser@mail.com"