-
This is similar to issue https://github.com/slackhq/nebula/issues/51, but not immediately equivalent. It would be neat to be able to put the CA certificate key on a HSM module like the YubiHSM. If `ne…
-
### Describe the feature
Add support for TLS establishments by using a private key store in the TPM.
### Use Case
Protect the private key by storing it in a TPM
### Proposed Solution
_No response…
-
### Steps To Reproduce
on the self-hosted Bitwarden server side, I am using Stunnel with verify = 2 enforce peer certificate verification, then I am using the same CA to generate a user certificate…
-
Thoughts on adding PKCS12/RFC7292 and (eventually) complete or near complete PFX support? It's a monster and it sucks but it's in wide use thanks to Windows' use of the format.
I'm happy to take ow…
-
**Describe the bug**
qpid-proton uses client certificates/keys located in PEM files by default. When attempting to use a PKCS#11 URI for the private key instead, whether by encoding it into a PEM f…
-
When trying to load certificates with `openssl storeutl` or `openssl cmp` from PKCS#12 files generated by the (Java-based) EJBCA, such as in the attached example [test_123456.zip](https://github.com/o…
-
German umlauts are not imported correctly or are not corrected.
My example
Certificates with umlauts that have an error in the friendlyName will not be corrected.
Instead of "BJÖRN" comes "BJ�RN"…
-
D:\SoftHSM2\bin>softhsm2-util.exe --module D:\SoftHSM2\bin\softhsm2-x64.dll --show-slots
ERROR: Could not load the PKCS#11 library/module: LoadLibraryA failed: 0x000000C1
ERROR: Please check log fil…
-
It is not trivial to enable apps like web browsers to access host PKCS#11 devices nor do the steps appear documented anywhere. A process using a p11-kit-server user service and manual filesystem overr…
-
A configurable key storage backend (plain files, OpenPGP smartcard, PKCS#11 token/HSM, etc.) would greatly benefit the underlying security model of `sbctl` and would enable integration into larger PKI…