1 # EAP-TLS using private key and certificates via OpenSSL PKCS#11 engine and
2 # openCryptoki (e.g., with TPM token)
4 # This example uses following PKCS#11 objects:
5 # $ pkcs11-tool --module /usr/lib/opencryptoki/libopencryptoki.so -O -l
6 # Please enter User PIN:
7 # Private Key Object; RSA
10 # Usage: decrypt, sign, unwrap
11 # Certificate Object, type = X.509 cert
14 # Certificate Object, type = X.509 cert
18 # Configure OpenSSL to load the PKCS#11 engine and openCryptoki module
19 pkcs11_engine_path=/usr/lib/engines/engine_pkcs11.so
20 pkcs11_module_path=/usr/lib/opencryptoki/libopencryptoki.so
28 # use OpenSSL PKCS#11 engine for this network
32 # select the private key and certificates based on ID (see pkcs11-tool
38 # set the PIN code; leave this out to configure the PIN to be requested
39 # interactively when needed (e.g., via wpa_gui or wpa_cli)