Skip to main content

OpenSSL 3.x

Recall from the overview that OpenSSL has two plugin mechanisms: engines and providers. "Engines" were the plugin mechanism in OpenSSL 1.x. OpenSSL 3.x introduced "providers" and deprecated engines.

This section describes how to set up OpenSSL with a provider-based integration. This teaches OpenSSL how to talk to a Securosys HSM over the PKCS#11 API, using an intermediate pkcs11-provider that translates between the OpenSSL API and the PKCS#11 API.

info

This guide only works with OpenSSL 3.x. When running OpenSSL 1.x you need to use the Engine API instead.

Architecture

Architecture: The pkcs11-provider sits between the OpenSSL library and the PKCS#11 interface provided by Securosys

Getting started

Get started withCloudHSM for free.
Other questions?Ask Sales.
Feedback
Need help?