On Wed, Sep 25, 2013, Fili, Tom wrote: > I'm using the capi API to access certificates in the Windows Cert Store. I'm > using the following to get access to the private key > > EVP_PKEY *key = ENGINE_load_private_key(e, subject, 0, 0); > > This seems to work as far as I can tell. Even if the certificate requires a > password the OS prompts the user for it before it allows access. I've > recently run into some customers who don't get the dialog prompt and get a > "key value mismatch" error when it appears to be calling > SSL_CTX_use_PrivateKey. I don't have access to their machines, to do a full > debug session. > > I'm wondering if there is something that affects whether Windows displays the > prompts and if the correct way to do this would be to use > SSL_CTX_set_default_passwd_cb or specify a UI_METHOD to > ENGINE_load_private_key instead of depending on the OS for this. > > Does anyone have any experience in dealing with this? >
The UI and password callback functions are not used with the CAPI ENGINE so setting them will have no effect. Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
