nickrbogdanov

> Yeah it's interesting, but from a usability perspective interacting with the PKCS11 engine by overloading the certificate configuration items isn't great. I modeled this on the client side (wpa_supplicant)...

> Putting all of the text into a large blob just seems bad: `"pkcs11:model=PKCS%2315%20emulated;id=%01;pin-value=123456;type=private"` that's opaque and difficult to get right. Except for the `pin-value` part, you should be able...

Some other examples, from playing with SoftHSM: `p11tool --login --set-pin=1111 --generate-ecc --label=key03 'pkcs11:token=first'` autogenerates an `id=` and sets `object=` to the `--label` value: > `pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=1a9508f32aa1bb7b;token=first;id=%ca%2c%bc%8a%27%10%15%16%36%eb%84%53%c7%48%dc%cf%71%76%a1%a6;object=key03;type=private` `p11tool --login --set-pin=1111 --generate-ecc --id=%04...

The overloading was inspired by this functionality from wpa_supplicant: ``` /* * If the engine isn't explicitly configured, and any of the * cert/key fields are actually PKCS#11 URIs, then...

Friendly ping, is this something the authors were/weren't able to corroborate?

> I have the same issue. You can use DisplayLayerProgress_feedrateChanged or DisplayLayerProgress_heightChanged for progress. So you're using [this additional plugin](https://github.com/OllisGit/OctoPrint-DisplayLayerProgress) to generate those events as the corresponding Gcode commands are...

> The only thing that stands out to me is the searching all of "/usr" for the hsm library FWIW the performance hit on an 11th gen NUC is 4s:...

Hi @gotthardp any thoughts on what might be happening here?

There is a name mismatch in the test that used the software based keys, too. If you click Advanced, you can bypass that warning and proceed to the site. By...

Another data point: if I have the TPM generate an RSA privkey/cert rather than ECC, Chrome is now able to connect: ``` # same as above tpm2_createprimary -C o -g...