Closed csstaub closed 5 years ago
Note: If you want to wrap PKCS11 for signing, you may find this higher-level package (which wraps miekg/pkcs11) easier to use: https://github.com/letsencrypt/pkcs11key.
That looks super useful. Thanks @jsha!
Should be possible to do this now via the opaque signer interface
As a possible enhancement, it would be nice to have support for doing decryption/signing on HSMs via PKCS11. Possibly with some sort of wrapper around https://github.com/miekg/pkcs11.