Thanks Steve and Kent for the pointers. Makes things clear for now. On Thu, Dec 6, 2012 at 4:22 AM, Dr. Stephen Henson <st...@openssl.org>wrote:
> On Wed, Dec 05, 2012, Ashok C wrote: > > > Hi, > > > > Our current SSL server loads plain-text private keys using the > > SSL_CTX_use_PrivateKey_file() > > method. We are moving from this strategy to use custom encrypted private > > keys using the TPM concept. For this, we have an engine implemented. Now > > the question is this. > > > > Does my SSL server need to change from loading private keys using > > SSL_CTX_use_PrivateKey_file() > > method to use this method --> ENGINE_load_private_key(ENGINE *e, const > char > > *key_id, > > > > UI_METHOD *ui_method, void *callback_data) > > > > > > You can't use SSL_CTX_use_PrivateKey_file to load an ENGINE specific key. > Instead you use ENGINE_load_private_key() to load the key into an EVP_PKEY > structure and then pass that to SSL_CTX_use_PrivateKey(). > > Steve. > -- > Dr Stephen N. Henson. OpenSSL project core developer. > Commercial tech support now available see: http://www.openssl.org > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List openssl-users@openssl.org > Automated List Manager majord...@openssl.org >
