SSL connection failure: PKCS #11 error
Grant Williamson
traxtopel at gmail.com
Wed Mar 6 03:44:58 PST 2024
I am attempting to transition our existing environment of signed
Digicert certificates from RSA-4096 to ECC256. The digicert one
signing process appears to work.
When using a software-emulated TPM, the connection is succesful.
When I try hardware tpm(3 laptops) I encounter the folowing problem
ERROR: Esys_Sign: tpm:parameter(1):structure is the wrong size
SSL connection failure: PKCS #11 error.
I have tried generating the csr to be signed using both tpm2-openssl
and pkcs11-provider, same result.
Maybe the following gives a clue. Any ideas?
(openconnect with --gnutls-debug=99 -v)
https://pastebin.com/d2gT4t6q
More information about the openconnect-devel
mailing list