How to generate certificate if private key is in HSM?

Question

I often use openssl to generate RSA key and certificate. But now i encounter a problem. openssl x509 -req require private key as input. But now we\

Answer 1

Use HSM's supported functions (Usually the HSM provider support and provide required library) like encrypt(), decrypt(), sign() to get the desired data. You cannot get the private key object from HSM and you cannot use openssl for HSM.