On Fri, Apr 27, 2012, Florian Ruechel wrote: > Classification: Public > > Hello fellow OpenSSL users, > > I am interacting with the CAPI engine of OpenSSL and I was already able to > create a CSR from a private key stored in the windows keystore. > Now here is what I want to do: > - Generate new KeyPair > - Generate CSR of this KeyPair > - Import the Certificate I get from my CA into the Windows Keystore via > CAPI / OpenSSL engine > > Does the engine support the first and last point? Would you maybe point me > where to look for this? Currently I can neither find the implementation of > CertAddCertificateContextToStore nor PFXImportCertStore for the last one > nor any function to generate a key (though I am not sure CAPI supports > this). >
The ENGINE does not currently support CAPI based key generation. You'd have to use a different tool to generate a key with a known container name and then use that for the CSR generation: which the CAPI ENGINE can handle. Certificate importing also has to be done via CAPI not the ENGINE. Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
