You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I was able to sign the CSR with my private PKI as well. The next step is to reference the private key in tpm and the signed public cert for the Nginx to use as a proxy for TLS. Not sure what the key name for the private key in tpm is as there seems to not an easier way to just list the key names.
The text was updated successfully, but these errors were encountered:
Have you ever resolved that? I'm trying to do the same thing... I was able to male nginx not to rise errors by editing the openssl.cnf file adding tpm2 provider. But i don't really know if it works. I still have some errors of untrusted certificate when trying to access my services ( but maybe i'm doing something wrong when signing the csr or setting nginx for mtsl)
I used the tpm2-openssl https://github.com/tpm2-software/tpm2-openssl/tree/master with openssl to generate a CSR for signing. The below command worked fine
openssl req -new -newkey rsa:2048 -out testcert.csr -subj "/C=US/ST=NJ/L=Test/O=c/OU=etes/CN=testcert" -provider tpm2
I was able to sign the CSR with my private PKI as well. The next step is to reference the private key in tpm and the signed public cert for the Nginx to use as a proxy for TLS. Not sure what the key name for the private key in tpm is as there seems to not an easier way to just list the key names.
The text was updated successfully, but these errors were encountered: