I'm trying to use the tpm2tss engine on Ubuntu 22.04 that has OpenSSL 3 as the default. The libengine-tpm2-tss-openssl_1.1.0-2_amd64.deb will install. The libengine-tpm2-tss-openssl_1.2.0-2build2_amd64.deb package will NOT install - complains that libssl3t64 is missing, and trying to fix that got me into a system that was unusable. That's probably (l)user error (the 'l' is silent), but I'm back at the 1.1.0 version.
I've tried following various installation guides on adding an [engine_section] to /etc/ssl/openssl.cnf,
I'm trying to use the tpm2tss engine on Ubuntu 22.04 that has OpenSSL 3 as the default. The libengine-tpm2-tss-openssl_1.1.0-2_amd64.deb will install. The libengine-tpm2-tss-openssl_1.2.0-2build2_amd64.deb package will NOT install - complains that libssl3t64 is missing, and trying to fix that got me into a system that was unusable. That's probably (l)user error (the 'l' is silent), but I'm back at the 1.1.0 version.
I've tried following various installation guides on adding an [engine_section] to /etc/ssl/openssl.cnf,
`[openssl_init] engines = engine_section providers = provider_sect ssl_conf = ssl_sect
[provider_sect] default = default_sect
[engine_section] tpm2tss = tpm2tss_section
[tpm2tss_section] engine_id = tpm2tss dynamic_path = /usr/lib/x86_64-linux-gnu/engines-1.1/tpm2tss.so default_algorithms = RSA `
But when I do that, an 'openssl engine' command gets results of "engine routines:dynamic_load:version incompatibility"
root@machine:/home/dfs/tpm2tsssetup# openssl engine FATAL: Startup failure (dev note: apps_startup()) for openssl 402778B9797F0000:error:13000091:engine routines:dynamic_load:version incompatibility:../crypto/engine/eng_dyn.c:470: 402778B9797F0000:error:13000066:engine routines:int_engine_configure:engine configuration error:../crypto/engine/eng_cnf.c:139:section=tpm2tss_section, name=dynamic_path, value=/usr/lib/x86_64-linux-gnu/engines-1.1/tpm2tss.so 402778B9797F0000:error:0700006D:configuration file routines:module_run:module initialization error:../crypto/conf/conf_mod.c:243:module=engines, value=engine_section retcode=-1
Is there a way to get this working with OpenSSL 3? Thanks.