Previous: Enabling/Disabling RSAES-PKCS1-v1_5, Up: System-wide configuration of the library [Contents][Index]
Since version 3.8.10 it is possible to plug a PKCS#11 module into GnuTLS and override the default cryptographic backend of the library with the cryptographic functions provided by the module.
A PKCS#11 module can be configured to serve as cryptographic backend by adding
path and pin in the [provider] section.
path: path to the PKCS#11 module.
pin: PIN for logging into the PKCS#11 token.
The following example shows how to use a PKCS#11 module as cryptographic backend. Note that the module has to be initialized first.
[provider] path = /usr/lib64/pkcs11/libkryoptic_pkcs11.so pin = 1234