Our Computer Notes


Use TPM on Linux

These instructions are based on the Ubuntu Intrepid (8.10) platform.

Install libengine-tpm-openssl, tpm-tools and trousers. They are available in the Ubuntu repository. At the time this page was written, the .deb file of a dependency of tpm-tools had an error, which is fixed in the intrepid-proposed version. Use that repository if needed.

sudo apt-get install libengine-tpm-openssl tpm-tools

Load the kernel module corresponding to your TPM. On the Asus W7S, it was "tpm_tis":

sudo modprobe tpm_tis

Start the trousers service:

sudo service trousers start

Create some missing symbolic links:

sudo ln -s /usr/lib/libtspi.so.1 /usr/lib/libtspi.so
sudo ln -s /usr/lib/engines/libtpm.so /usr/lib/ssl/engines/libtpm.so

Initialize the TPM keys/passwords:

sudo tpm_takeownership

Create an RSA key and save a pointer to it on disk:

sudo create_tpm_key -ap <KEYPOINTERFILE>

To use the key with OpenSSL, pass the parameters -keyform engine -engine tpm and point -key to the KEYPOINTERFILE, as in the following command:

openssl req -keyform engine -engine tpm -key <KEYPOINTERFILE> -new -x509 -days 365 -out <CERTREQUESTOUT>
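
A preflight check for the setup steps above, as an added example that is not part of the original page: it reports which prerequisites (kernel module, TPM device node, the two symbolic links) are missing before you run tpm_takeownership or openssl. The function names and the ROOT prefix argument are assumptions of this example, and /dev/tpm0 is the usual TPM device node, which the page does not mention.

```shell
#!/bin/sh
# Added example: preflight check for the TPM/OpenSSL engine setup steps.
# ROOT is a hypothetical prefix argument (default "/") so the same checks can
# run against a constructed directory tree as well as the live system.

# Print the paths of the library/engine links that are missing or dangling.
missing_links() {
    root=${1:-/}
    for p in usr/lib/libtspi.so usr/lib/ssl/engines/libtpm.so; do
        # -e follows symlinks, so a link whose target is gone is reported too
        [ -e "$root/$p" ] || printf '%s\n' "/$p"
    done
}

# Succeed if the named module is listed in a /proc/modules-format file.
# Limitation: a driver built into the kernel is not listed there.
module_loaded() {
    mod=$1; modules_file=${2:-/proc/modules}
    [ -r "$modules_file" ] && grep -q "^$mod " "$modules_file"
}

# Run all checks, print one line per problem, return the number of problems.
tpm_preflight() {
    root=${1:-/}; mod=${2:-tpm_tis}; problems=0
    if ! module_loaded "$mod" "$root/proc/modules"; then
        echo "kernel module $mod not loaded"; problems=$((problems + 1))
    fi
    if [ ! -e "$root/dev/tpm0" ]; then
        echo "no TPM device node at /dev/tpm0"; problems=$((problems + 1))
    fi
    for l in $(missing_links "$root"); do
        echo "missing or dangling link: $l"; problems=$((problems + 1))
    done
    return "$problems"
}

# Run against the live system only when asked: sh preflight.sh --check
case "${1:-}" in
    --check) tpm_preflight / ;;
esac
```

The trousers daemon is not checked here; confirm it is running before calling tpm_takeownership.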