Page History

sudo mv /usr/local/lib/security/pam_pkcs11.so /usr/lib64/security/

openssl_conf = openssl_init
 
[openssl_init]
engines = engine_section
 
[engine_section]
pkcs11 = pkcs11_section
 
[pkcs11_section]
engine_id = pkcs11
dynamic_path = /usr/lib64/engines-3/pkcs11.so
MODULE_PATH = /usr/lib64/librtpkcs11ecp.so
default_algorithms = ALL

$ OPENSSL_CONF=/path/to/engine.conf openssl req -engine pkcs11 -x509 -new -key 0:45 -keyform engine -out cert.crt -subj "/CN=test/C=RU/ST=Moscow/L=Moscow/O=Aktiv/OU=dev/emailAddress=testuser@mail.com"