Private key reference in tpm #109

Open
rogrok opened this issue Apr 12, 2024 · 1 comment
rogrok commented Apr 12, 2024

I used tpm2-openssl (https://github.com/tpm2-software/tpm2-openssl/tree/master) with openssl to generate a CSR for signing. The command below worked fine:

openssl req -new -newkey rsa:2048 -out testcert.csr -subj "/C=US/ST=NJ/L=Test/O=c/OU=etes/CN=testcert" -provider tpm2

I was able to sign the CSR with my private PKI as well. The next step is to reference the private key in the TPM and the signed public cert for Nginx to use as a proxy for TLS. I'm not sure what the key name for the private key in the TPM is, as there does not seem to be an easy way to just list the key names.

@MarieCMDM

Have you ever resolved that? I'm trying to do the same thing... I was able to make nginx not raise errors by editing the openssl.cnf file to add the tpm2 provider. But I don't really know if it works. I still have some untrusted-certificate errors when trying to access my services (but maybe I'm doing something wrong when signing the CSR or setting up nginx for mTLS).
