Skip to main content

Introduction

note

The pkcs11-provider was designed to work with OpenSSL v3. When running OpenSSL v1.1 we recommend using the OpenSSL p11-kit instead.

The OpenSSL pkcs11-provider provides a convenient way to interact with the Primus HSM using the familiar OpenSSL API. The following diagram shows the architecture.

Architecture: The pkcs11-provider sits between the OpenSSL library and the PKCS#11 interface provided by Securosys

The open-source OpenSSL PKCS#11 provider implementation latchset pkcs11-provider is used. Pre-built binaries that are tested with our HSM can be found in the downloads section.