OpenSSL 3.0: Apache HTTP Server setup with a PKCS#11 provider
Select and configure a suitable PKCS#11 provider and then configure the Apache HTTP Server.
- Read the information in this topic and select one of the described PKCS#11 providers.
- Read the information about the selected PKCS#11
provider.
There are multiple PKCS#11 providers from which you can select the one that best meets your prerequisites. In this publication, two providers are introduced:
- a PKCS#11 provider for signing operations called pkcs11-sign-provider. See OpenSSL 3.0: PKCS#11 provider for signing operations.
- a general PKCS#11 provider supporting a broader
range of operations called pkcs11-provider. See OpenSSL 3.0: PKCS#11 general provider
If you decide to use one of these, read the description and configuration information in the respective topic.
- After your decision on which of the described providers to use, read topic Apache HTTP Server configuration for PKCS#11. This topic describes for both providers, how to configure an Apache HTTP Server to exploit a connection between OpenSSL and PKCS#11.