fixup! Tests: test for loading "store:..." keys.

bavshin-f5 · bavshin-f5 · commit 6c2084b86d02 · 2025-05-22T21:57:51.000-07:00
Use ssl_password_file with pkcs11-module-cache-pins for provider test.
diff --git a/ssl_provider_keys.t b/ssl_provider_keys.t
@@ -61,6 +61,8 @@ http {
         ssl_certificate localhost.crt;
         ssl_certificate_key "store:pkcs11:token=NginxZero;object=nx_key_0";
 
+        ssl_password_file pin.txt;
+
         location / {
             # index index.html by default
         }
@@ -83,6 +85,8 @@ http {
         ssl_certificate $ssl_server_name.crt;
         ssl_certificate_key "store:pkcs11:token=NginxZero;object=nx_key_0";
 
+        ssl_password_file pin.txt;
+
         location / {
             # index index.html by default
         }
@@ -133,7 +137,7 @@ activate = 1
 
 [pkcs11_sect]
 pkcs11-module-path = $libsofthsm2_path
-pkcs11-module-token-pin = file:$d/pin.txt
+pkcs11-module-cache-pins = cache
 # https://github.com/latchset/pkcs11-provider/commit/ab6370fd
 pkcs11-module-quirks = no-deinit no-operation-state
 activate = 1
@@ -173,7 +177,7 @@ foreach my $name ('localhost') {
 
 	system('openssl req -x509 -new '
 		. "-subj /CN=$name/ -out $d/$name.crt -text "
-		. "-key 'pkcs11:token=NginxZero;object=nx_key_0' "
+		. "-key 'pkcs11:token=NginxZero;object=nx_key_0' -passin pass:1234"
 		. ">>$d/openssl.out 2>&1") == 0
 		or plan(skip_all => "missing pkcs11-provider");
 }
