I truely appreciate the help. I reviewed the certsc.cnf file and made sure I exactly duplicated the recommended additions including using "engines" instead of "engine."
But I am still having a few problems... Here is what I have in my config file (certsc.cnf): --- openssl_conf = openssl_init [openssl_init] oid_section = new_oids engines = engine_section [ engine_section ] dynamic = dynamic_section [ dynamic_section ] engine_id = dynamic SO_PATH = /usr/lib/opensc/engine_pkcs11.so ID = pkcs11 LIST_ADD = 1 NO_VCHECK = 1 LOAD = EMPTY --- The error codes have changed. I am pretty sure this is a parsing problem. But I am not sure where to go next. Here are the errors I am now getting. --- Using configuration from certsc.cnf Error configuring OpenSSL 7683:error:0E07406D:configuration file routines:CONF_modules_load:module initialization error:conf_mod.c:234:module=engines, value=engine_section, retcode=-1 --- Any further recommendations? Is there a tool that will verbosely parse the config file and provide some more detail on the meaning of the return code (-1)? Or any other tools you recommend? If it makes any difference, I am using 0.9.7g Regards, Rick -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Nils Larsch Sent: Saturday, July 09, 2005 2:17 AM To: openssl-users@openssl.org Subject: Re: [openssl-users] Dynamic engine / smart card support for CSR generation Robinson, Richard L (Rick) wrote: > I am still running into a few problems and am hoping for a little more > debugging assistance. > > I created these entries in my configuration file (certsc.cnf): > > ---- > engine = engine_section > > [ engine_section ] > smartcard = smartcard_engine > > [ smartcard_engine ] > engine_id = smartcard > SO_PATH = /usr/lib/opensc/engine_pkcs11.so MODULE_PATH = > /usr/lib/pkcs11/opensc-pkcs11.so ID = smartcard LIST_ADD = 1 NO_VCHECK > = 1 LOAD = EMPTY > ---- as Erwann Abalea already told you need something like: openssl_conf = openssl_init; [openssl_init] engines = engine_section; ... in your conf (btw: it should be "engines" and not "engine"). The "openssl_conf" and "engines" Entries are mandatory, without them openssl won't find/parse the engine section. Nils ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED] ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
