[pkg-opensc-maint] Bug#1079925: Enabling pkcs11 engine makes openssl req operations fail
Paweł Bogusławski
pawel.boguslawski at ib.pl
Wed Aug 28 16:41:14 BST 2024
Package: opensc-pkcs11
Version: 0.23.0-0.3+deb12u1
In Debian 12 when /etc/ssl/openssl.cnf contains PKCS#11 config like
described on
https://github.com/OpenSC/libp11#using-the-engine-from-the-command-line
generating CSR throws an error
root at myhost:~/tmp# openssl req -new -sha256 -subj '/CN=test at example.com'
-key ./key.pem -out ./csr.pem
4097CD77667F0000:error:03000093:digital envelope
routines:default_check:command not
supported:../crypto/evp/ctrl_params_translate.c:329:
No such error if engines=engine_section line is commented out in
/etc/ssl/openssl.cnf
Look similar to
https://github.com/OpenSC/libp11/issues/456
--
Regards,
Paweł Bogusławski
E: pawel.boguslawski at ib.pl
More information about the pkg-opensc-maint
mailing list