This should be a relatively trivial change to
ssl_pphrase_Handle()... if szCryptoDevice is non-NULL, pass the
private key path as the key_id to ENGINE_load_private_key. If that
fails, fall back to the normal PEM loading code...


> I've been looking into enabling apache+mod_ssl to use hardware keys
> encrypted by a TPM. I have openssl's s_server test working using an
> openssl TPM engine [1] and trousers [2]. It looks like the key to
> getting this working in apache is support for engine format keys in
> mod_ssl. Is there any interest in enabling engine format keys in
> mod_ssl, or, is there another path to accomplish what I'm trying to
> do?
> Thanks,
> Kent
> [1]

> [2]

Kent Yoder
IBM LTC Security Dev.
__________________________________________________ ____________________
Apache Interface to OpenSSL (mod_ssl)
User Support Mailing List
Automated List Manager