[gnutls-help] Multi-tenancy and PKCS #11

Rick van Rein rick at openfortress.nl
Tue Jul 18 15:22:28 CEST 2017

Hello Nikos,

As you know, I am building a TLS Pool which separates applications from
TLS security.  I have requests to make this into a multi-tenant process,
so it could run on a client machine and service each client without


This is a nettly request, but most things are now starting to resolve. 
One thing that may be blocking it, is the fact that GnuTLS has a global
setup for PKCS #11, including the available tokens and their PINs.  Is
that correct, or is there a way to get around this?

I do realise that GnuTLS is a library, and was not design with a
multi-tenant mindset.  So if this is the stopper of the multi-tenancy
show than that does not indicate to me that GnuTLS is bad :) just that a
multi-tenant TLS Pool would be stretching it too far.


More information about the Gnutls-help mailing list