Hi everyone,
I am trying to secure a gRPC connection using OpenSSL 3 with private keys stored in a TPM.
The private key was generated using the TPM2 OpenSSL provider, and I can successfully access and use the key through OpenSSL. However, when I provide the TPM-backed private key reference/path to the gRPC server for TLS configuration, gRPC reports that the private key is missing or cannot be loaded.
My questions are:
Environment:
Any guidance or examples would be greatly appreciated.
Thanks!
I am using gRPC built with a custom OpenSSL version.
I am creating a TPM-backed private key using the following command:
openssl genpkey -provider tpm2 -provider base -algorithm RSA -out test.key
Previously, when using the TPM engine (tpm2tss), I was able to pass the private key to gRPC by specifying the key path with the engine:tpm2tss prefix.
Since the engine is now deprecated and I have migrated to the TPM2 provider, I am unable to pass the TPM-backed private key to gRPC.
Could you please advise on the correct way to use a TPM2 provider-based private key with gRPC/OpenSSL?