OpenSSL 1.x
Recall from the overview that OpenSSL has two plugin mechanisms: engines and providers. "Engines" were the plugin mechanism in OpenSSL 1.x. OpenSSL 3.x introduced "providers" and deprecated engines.
This section describes how to set up OpenSSL with an engine-based integration for PKCS#11. It should work on both OpenSSL 1.x and 3.x.
info
When running OpenSSL 3.x we recommend using the provider-based integration since engines are deprecated.
This section also describes how to integrate other applications that use openssl (namely Apache and nginx) with Primus HSM.
Architecture
Architecture graphic from RedHat