gRPC TLS with OpenSSL 3 TPM2 Provider – Private Key

31 views
Skip to first unread message

Vishakha Rastogi

unread,
Jun 11, 2026, 9:17:33 AM (yesterday) Jun 11
to grpc.io

Hi everyone,

I am trying to secure a gRPC connection using OpenSSL 3 with private keys stored in a TPM.

The private key was generated using the TPM2 OpenSSL provider, and I can successfully access and use the key through OpenSSL. However, when I provide the TPM-backed private key reference/path to the gRPC server for TLS configuration, gRPC reports that the private key is missing or cannot be loaded.

My questions are:

  1. Does gRPC support TPM2/OpenSSL provider-based keys directly?
  2. Is there a way to configure gRPC to use a TPM-backed private key without exporting the key material?
  3. Has anyone successfully integrated OpenSSL 3 providers (specifically TPM2 provider) with gRPC TLS credentials?

Environment:

  • gRPC: 1.62.0
  • OpenSSL: 3.2.6
  • TPM2 OpenSSL Provider: 1.1.1

Any guidance or examples would be greatly appreciated.

Thanks!

Reply all
Reply to author
Forward
0 new messages