You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
After ensuring opensc-pkcs11 library is updated to 0.24 - openssl (v3) doesn't seem to work with this integration. Keen to explore if it's something I've done wrong or genuinely a problem with the latest versions of OpenSSL
./scripts/yk-sign-int.sh CA INT_CA
Signing intermediate certificate: CA/CA.crt with CA/INT_CA.crt
Engine "pkcs11" set.
Certificate request self-signature ok
subject=C = HK, ST = HK, O = ORG, OU = Security, CN = CA
The private key was not found on slot 0
The private key was not found on slot 0
The private key was not found at: slot_0-id_2
PKCS11_get_private_key returned NULL
Could not read CA private key from org.openssl.engine:pkcs11:slot_0-id_2
:error:40000065:pkcs11 engine:ERR_ENG_error:object not found:eng_back.c:887:
:error:13000080:engine routines:ENGINE_load_private_key:failed loading private key:crypto/engine/eng_pkey.c:79:
The text was updated successfully, but these errors were encountered:
iinteresting, it's been a while since i've looked at this but there's a bit of tomfoolery related to the uses of each slot. did the steps up to signing an intermediate (particularly yk-load.sh to get the certificate and key loaded onto the CA yubikey) work? and does ykman piv info show the CA certificate and key as loaded?
After ensuring opensc-pkcs11 library is updated to 0.24 - openssl (v3) doesn't seem to work with this integration. Keen to explore if it's something I've done wrong or genuinely a problem with the latest versions of OpenSSL
The text was updated successfully, but these errors were encountered: