[gnutls-help] Certtool and TPM
nmav at gnutls.org
Mon Jun 1 21:40:46 CEST 2015
On Mon, 2015-06-01 at 12:38 +0000, Marcos Simó Picó wrote:
> Hi everyone,
> I'm trying to generate a certificate of a key stored in a TPM using
> certtool. Basically I was following the commands explained
> in http://nmav.gnutls.org/2012/08/using-trusted-platform-module-to.html
> I can generate the RSA key pair and get the public part perfectly,
> however, when I invoke certtool for generating a certificate, it
> returns: Error in provided SRK password for TPM. As far as I know,
> there's no option to provide the SRK to certtool.
> I'm using GnuTLS 3.3.15, and tried to clear the TPM several times and
> repeat everything with no success.
What is the output when you use -d 9? It should have asked for a
password using the PKCS #11 callback. It is either a regression or you
have PKCS #11 disabled?
More information about the Gnutls-help