To dynamically add a new engine into openssl execution environment, follow the steps below: In command shell, type: $openssl OpenSSL> Next, enter the command to add a new dynamic engine: OpenSSL> engine -t dynamic -pre SO_PATH:<path/to/engine/file.so> -pre ID:<engine_id> -pre LIST_ADD:1 -pre LOAD -pre <other_engine_param (e.g. IP or port if remote access through TCP/IP)> (dynamic) Dynamic engine loading support [Success]: SO_PATH:path/to/engine/file.so [Success]: ID:engine_id [Success]: LIST_ADD:1 [Success]: LOAD [Success]: ADDRESS_CONN:10.1.1.1 #example of another parameter Loaded: (engine_id) YOUR engine [ available ] To test the availability: OpenSSL> engine (padlock) VIA PadLock (no-RNG, no-ACE) (dynamic) Dynamic engine loading support (engine_id) ID engine #if everything went OK, you should see your engine loaded Using the key to sing a certificate request: OpenSSL> req -engine <engine_id> -new -key <key_id> -keyform engine -out req.pem -text -x509 -subj "/CN=John Doe" |
Dynamic Engines |