-
Notifications
You must be signed in to change notification settings - Fork 2.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
PKCS11 no longer works in newer version #505
Comments
On what platform and on what capacity? It might be already support or not depending what you actually are looking for. E.g. https://github.com/tpm2-software/tpm2-openssl should already work with OpenVPN. |
I used tpm2-pkcs11 in old versions, but it does not work in the new version of OpenVPN. Would it be possible for you to explain step by step how I can use tpm2-openssl in OpenVPN or at least guide me. |
pkcs11 is should be supported in the old and new version. And also say what old and new version are. So if it doesn't work anymore that is a regression. But you need to provide more input here. Give us a log from the old version and the new version, so we can have an idea what is different. As for helping with tmp2-openssl, I never used that myself, so I cannot help there. But OpenSSL providers work in general, so that one should also work. |
I think the problem is not OpenVPN and tpm2-pkcs11 doesn't work with OpenSSL 3. The new version means the version of OpenVPN that has migrated to OpenSSL 3. openvpn --config ./openvpn.config --ca ./connection.crt --pkcs11-providers /usr/lib/x86_64-linux-gnu/libtpm2_pkcs11.so.1 --pkcs11-id "$URL" The question is, what command should I use in OpenVPN to use tpm2-openssl? Or with what command in general how to introduce TPM to OpenVPN? Even without PKCS11. |
As tpm2-openssl can encapsulate the key in a pem file with Here is a minimal example (untested)
|
Hi,
Is there a plan to support Trusted Platform Module (TPM) in the next release?
Thanks.
The text was updated successfully, but these errors were encountered: