tls.connect error with PKCS#11 #41644

Open
@micaelmbagira

Version

16.13.1

Platform

arm9

Subsystem

imx6 with Trusted Platform Module

What steps will reproduce the bug?

The issue happens when

  • mqtt client reconnects using tls.connect (first connection works fine)
  • the options given to tls.connect are {'cert': '/path/to/tpmCert.pem', 'privateKeyEngine': '/usr/lib/engines-1.1/pkcs11.so', 'privateKeyIdentifier': 'foo', 'ca': '/path/to/root.ca.pem'}

How often does it reproduce? Is there a required condition?

The initial connection works fine but after ~1 hour, mqtt reconnects to the server using tls.connect again with the same options as for the initial connection.

What is the expected behavior?

The secure connection should be established with the given certificates.

What do you see instead?

Unable to check if already logged in
Login failed
Login to token failed, returning NULL...
PKCS11_get_private_key returned NULL
node:internal/tls/secure-context:196
        context.setEngineKey(privateKeyIdentifier, privateKeyEngine);
                ^

Error: error:820780B1: mPKCS#11odule:pkcs11_open_session:Session count
    at configSecureContext (node:internal/tls/secure-context:196:17)
    at Object.createSecureContext (node:_tls_common:116:3)
    at Object.connect (node:_tls_wrap:1621:48)
    at Object.buildBuilder (/home/node/node_modules/mqtt/lib/connect/tls.js:17:20)
    at MqttClient.wrapper [as streamBuilder] (/home/node/node_modules/mqtt/lib/connect/index.js:154:36)
    at MqttClient._setupStream (/home/node/node_modules/mqtt/lib/client.js:298:22)
    at MqttClient._reconnect (/home/node/node_modules/mqtt/lib/client.js:938:10)
    at Timeout.<anonymous> (/home/node/node_modules/mqtt/lib/client.js:958:12)
    at listOnTimeout (node:internal/timers:557:17)
    at processTimers (node:internal/timers:500:7) {
  opensslErrorStack: [
    'error:26096080:engine routines:ENGINE_load_private_key:failed loading private key',
    'error:820780B1:PKCS#11 module:pkcs11_open_session:Session count'
  ],
  library: 'PKCS#11 module',
  function: 'pkcs11_open_session',
  reason: 'Session count',
  code: 'ERR_OSSL_SESSION_COUNT'
}

Additional information

No response
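
The stack trace in the report shows each reconnect reaching `createSecureContext` and `setEngineKey` from inside `tls.connect`. The sketch below is an added example, not part of the original issue and not Node.js or mqtt code: it builds the engine-backed context once with `tls.createSecureContext` and passes it to later connections through the `secureContext` option. The helper and its method names are hypothetical, and whether reuse keeps the token's session count from growing is an assumption the issue does not confirm.

```javascript
'use strict';
const tls = require('tls');

// Hypothetical helper (not a Node.js or mqtt API): builds the engine-backed
// SecureContext once and reuses it, so a reconnect does not go through
// createSecureContext -> setEngineKey again.
function makeEngineContextProvider(engineOpts, createContext = tls.createSecureContext) {
  let cached = null;
  let buildCount = 0;

  // Shared context, created on first use. If creation throws (for example
  // with ERR_OSSL_SESSION_COUNT), nothing is cached and the error propagates.
  const get = () => {
    if (cached === null) {
      cached = createContext(engineOpts);
      buildCount += 1;
    }
    return cached;
  };

  return {
    get,
    // Forget the context, e.g. after the token was reset; next get() rebuilds.
    invalidate() { cached = null; },
    // How many times the engine key was actually loaded.
    builds() { return buildCount; },
    // Options for tls.connect(): when `secureContext` is present, tls.connect
    // uses it instead of creating a new context from the other options.
    connectOptions(extra = {}) {
      return { ...extra, secureContext: get() };
    },
  };
}

// Usage sketch; engine path and key identifier are the values from the
// report, certPem/caPem are PEM contents loaded by the caller:
//   const provider = makeEngineContextProvider({
//     cert: certPem, ca: caPem,
//     privateKeyEngine: '/usr/lib/engines-1.1/pkcs11.so',
//     privateKeyIdentifier: 'foo',
//   });
//   const socket = tls.connect(provider.connectOptions({ host, port }));
```

Logging `builds()` at each reconnect shows whether the key is being loaded once or once per connection.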


Labels: tls (Issues and PRs related to the tls subsystem.)
