I have a working OpenSSL RSA engine (i.e. a .so file) and an Apache server configured in SSL mode.
How can I make Apache use RSA implementation from my RSA engine? In other words: Where do I put the engine (.so file), how do I modify the openssl.cnf file and how do I build the Apache?
Steps that worked for me:
1.Install OpenSSL from sources, specifying -DOPENSSL_LOAD_CONF when running ./config
1.1.Create/build your OpenSSL engine and add it to your openssl.cnf file
2.Install httpd from sources, using these commands:
CFLAGS='-DSSL_EXPERIMENTAL_ENGINE -DSSL_ENGINE -DOPENSSL_LOAD_CONF' ./configure --enable-ssl --with-ssl=/usr/local/ssl --with-pcre=/usr/local/pcre --enable-so
make
make install
2.1.Edit httpd-ssl.conf by adding SSLCryptoDevice engine_id and make sure that when execute $ openssl engine, the engine_id specifier appears on the list. Also, you have to create self-signed cerificate and private key, modify the httpd.conf file, but this is not the subject of this question. Search: how to configure HTTPS on Apache.
3.$ httpd -k restart and that is all.
EDIT
The place of .so file (Openssl ENGINE) must be specified in openssl.cnf.