Has anyone managed to get STunnel to work with nCipher using the chil engine?
STunnel appears to load the engine just fine, but failes when loading the key:
[ ] Enabling support for engine "chil" [ ] Initializing engine #1 (chil) [ ] Engine #1 (chil) initialized [.] FIPS mode disabled [ ] Compression disabled [ ] PRNG seeded successfully [ ] Initializing service [https-server] [ ] Loading certificate from file: /usr/local/stunnel/etc/keystores/servercert.crt [ ] Loading key from engine: /usr/local/stunnel/etc/keystores/servercert.key [!] error queue: 26096080: error:26096080:engine routines:ENGINE_load_private_key:failed loading private key [!] ENGINE_load_private_key: 80069066: error:80069066:CHIL engine:HWCRHK_LOAD_PRIVKEY:chil error [!] Service [https-server]: Failed to initialize SSL context
Using openssl directly, the key works fine (both with s_server and s_client).
My stunnel config is pretty simple:
pid = /usr/local/var/log/stunnel.pid debug = 7 output = /usr/local/var/log/stunnel.log options = -NO_SSLv3 engine = chil CApath = /usr/local/etc/cacerts/ [https-server] engineNum=1 accept = 4466 connect = 4433 cert=/usr/local/stunnel/etc/keystores/servercert.crt key=/usr/local/stunnel/etc/keystores/servercert.key
R. Marc