General approach for keeping a client cert from openssl

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hi -

I have a situation coming up that is similar to a client cert being
held on a secure key store, like a key vault.

We need to be able to perform TLS communication with a remote server
using the key, but without giving the key to OpenSSL.

The "other side" of the "key vault" is smart, and we can run code
there, and communicate with it.  So we need to basically proxy OpenSSL
operations on the "other side".

I guess this is nothing new under the sun... what's the general
approach to integrating this to OpenSSL?

Thanks for any advice.

-Andy
-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux