httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Dr Stephen Henson <shen...@opensslfoundation.com>
Subject Re: mod_ssl and pkcs11
Date Wed, 27 Nov 2013 14:33:58 GMT
On 27/11/2013 12:26, Nick Gearls wrote:
> Maybe it's time to remove all redundant code in mod_ssl and use all features of
> OpenSSL; PKCS#11 will then be automatically supported and the maintenance of
> mod_ssl will be simplified a lot.
> 

PKCS#11 support isn't native in OpenSSL though some third party ENGINEs do
include partial support.

Completely transparent support is tricky (and in some cases impossible) due
several factors including the way PKCS#11 handles fork().

Steve.
-- 
Dr Stephen Henson. OpenSSL Software Foundation, Inc.
1829 Mount Ephraim Road
Adamstown, MD 21710
+1 877-673-6775
shenson@opensslfoundation.com

Mime
View raw message