Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

WIP - mod_ssl: allow loading PKCS#11 keys without requiring #480

Closed
wants to merge 1 commit into from

Conversation

notroj
Copy link
Collaborator

@notroj notroj commented Sep 12, 2024

SSLCryptoProvider pkcs11 which worked in earlier 2.4.x releases. Fallback to using STORE if possible and the ENGINE could not be loaded

via the ENGINE API without SSLCryptoDevice configured.

* modules/ssl/ssl_engine_pphrase.c
  (modssl_load_keypair_engine): Return APR_ENOTIMPL if the ENGINE
  could not be loaded for the key.
  (modssl_load_engine_keypair): Always try loading via ENGINE
  (as prior to r1914365) but fall back to the STORE API for
  the new APR_ENOTIMPL case.
@notroj notroj force-pushed the modssl-engine-fallback branch from ebef36c to 9d83101 Compare September 12, 2024 15:40
@asfgit asfgit closed this in b9588eb Sep 12, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant