You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
So we are using openssl to have a TLS server with the private key in the TPM. we are able to access it with Openssl 1.1 using tpm2tss engine and are able to successfully use the server and client as below
And the client we used openssl s_client -connect localhost:1234 -cipher AES128-GCM-SHA256 -debug -msg -min_protocol TLSv1.2 -max_protocol TLSv1.2
In OpenSSL3, we tried the tpm2 provider and we are getting the TLS alert decrypt error during the TLS handshake (with the same client connection as above)
So we are not sure how to pass any additional parameters to pass(so we dont get salt length check failure) in openssl 3 with tpm2 provider so that we dont get the salt length error. the TPM could not be the issue as it works perfectly for the same keys in openssl1 on the same machine ?
The text was updated successfully, but these errors were encountered:
So we are using openssl to have a TLS server with the private key in the TPM. we are able to access it with Openssl 1.1 using tpm2tss engine and are able to successfully use the server and client as below
openssl s_server -cert ssl_certificate.pem -key 0x81000008 -keyform engine -engine tpm2tss -cipher AES128-GCM-SHA256 -debug -msg -accept 1234 -cert_chain combinedchain.pem -min_protocol TLSv1.2 -max_protocol TLSv1.2
And the client we used
openssl s_client -connect localhost:1234 -cipher AES128-GCM-SHA256 -debug -msg -min_protocol TLSv1.2 -max_protocol TLSv1.2
In OpenSSL3, we tried the tpm2 provider and we are getting the TLS alert decrypt error during the TLS handshake (with the same client connection as above)
openssl s_server -provider tpm2 -provider default -propquery '?provider=tpm2' -accept 1234 -key 0x81000008 -cert ssl_certificate.pem -cert_chain combinedchain.pem
This is the error in Openssl3 server
The below is the error in Openssl3 client
So we are not sure how to pass any additional parameters to pass(so we dont get salt length check failure) in openssl 3 with tpm2 provider so that we dont get the salt length error. the TPM could not be the issue as it works perfectly for the same keys in openssl1 on the same machine ?
The text was updated successfully, but these errors were encountered: