Pkcs11Interop / Pkcs11Interop.X509Store

Easy to use PKCS#11 based X.509 certificate store
Apache License 2.0

TLS? #40

Closed (fliot closed this issue 2 months ago)

fliot commented 2 months ago

Is there a way to use this X509Store for TLS communication and to handle HSM/PKCS11-based mutual TLS communication?

jariq commented 2 months ago

https://github.com/Pkcs11Interop/Pkcs11Interop.X509Store/blob/1.0.0/doc/05_FAQ.md#can-i-use-a-certificate-from-pkcs11interopx509store-for-ssl-connections

fliot commented 2 months ago

Thanks @jariq, I understand the default .NET platform-specific TLS options make it impossible. Do you know of a pure C# TLS implementation which enables HSM/PKCS11-based mutual TLS communication? Even with lower performance, but exclusively in C#?

jariq commented 2 months ago

AFAIK Bouncy Castle implements a TLS stack in pure C#. It won't support PKCS#11 out of the box but it should be possible to extend it.