Explore the transition from OpenSSL's deprecated ENGINE API to the new OpenSSL 3 provider system for accessing smartcards via PKCS11 in this DevConf.CZ 2023 conference talk. Delve into the changes, both positive and negative, affecting application developers and those interested in provider development. Learn about the lessons gained from developing a PKCS11 provider for OpenSSL and discover the new opportunities presented by this extension paradigm. Gain insights into the PKCS11 API, available providers, configuration, and the intricacies of writing a provider, including operations, function tables, key retrieval and management, and signature operations. Understand the goals, challenges, and future steps for the PKCS11 Provider, equipping yourself with valuable knowledge for working with OpenSSL 3 and hardware-based cryptographic solutions.