Docker certificate access

I am trying to set up certificates in my docker client that will connect to an AWS ECR docker registry to pull a docker image through a mutual TLS connection with the registry. (Verify repository client with certificates | Docker Docs)
However, the private key of the client resides in OPTEE secure storage (typically software implementation of TPM), and not as a PEM file. In this case I have to place in client.key a PKCS#11 URI that references the actual private key. With this setting, during docker login or pull I see the error “Error response from daemon: tls: failed to find any PEM data in key input”.
I also tried to configure it differently and changed my /etc/docker/daemon.json to the configuration below. Even then I get the same error.
{
  "tls": true,
  "tlscacert": "path of ca.crt",
  "tlscert": "path of client.cert",
  "tlskey": "pkcs11 uri of the private key",
  "tlsverify": true
}
Is docker engine not designed to work with such an OPTEE secure storage and PKCS#11 provider? If yes, which version of docker should I use, and how do I set up the communication with the registry correctly? Any help is appreciated.

Best regards,
Raghavendra.

That’s a great question for the developers!

The right place to ask about it is https://github.com/moby/moby/discussions, or, as you feel it’s a bug, https://github.com/moby/moby/issues.

Sure, will do. Thanks!
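
The error text quoted in the question is the message Go's crypto/tls PEM loader returns when its key input contains no PEM block. The sketch below is an added example, not code from Docker or from the posts above: it assumes the key is read through tls.X509KeyPair, and the URI, the self-signed certificate and the tokenSigner wrapper are constructed stand-ins. It also shows the interface (crypto.Signer) through which crypto/tls itself can use a key whose bytes stay outside the process.

```go
package main

import (
	"crypto"
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/tls"
	"crypto/x509"
	"encoding/pem"
	"fmt"
	"io"
	"math/big"
	"time"
)

// Constructed PKCS#11 URI standing in for the contents of client.key.
const constructedURI = "pkcs11:token=example;object=client-key;type=private"

// tokenSigner (hypothetical) stands in for a token-held key: callers get
// signatures through crypto.Signer and never see the key bytes.
type tokenSigner struct{ inner crypto.Signer }

func (s tokenSigner) Public() crypto.PublicKey { return s.inner.Public() }
func (s tokenSigner) Sign(r io.Reader, d []byte, o crypto.SignerOpts) ([]byte, error) {
	return s.inner.Sign(r, d, o)
}

// Load returns a tls.Certificate backed only by a crypto.Signer, plus the
// error the PEM-only loader gives when keyInput is used as the key file.
func Load(keyInput []byte) (tls.Certificate, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader) // constructed test key
	if err != nil {
		panic(err)
	}
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(1), NotAfter: time.Now().Add(time.Hour)}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	if err != nil {
		panic(err)
	}
	certPEM := pem.EncodeToMemory(&pem.Block{Type: "CERTIFICATE", Bytes: der})
	_, pemErr := tls.X509KeyPair(certPEM, keyInput) // parses PEM only, never resolves a URI
	return tls.Certificate{Certificate: [][]byte{der}, PrivateKey: tokenSigner{key}}, pemErr
}

func main() {
	_, pemErr := Load([]byte(constructedURI))
	fmt.Println("PEM loader:", pemErr)
}
```

Whether the Docker engine offers a way to supply such a signer instead of a PEM key file is the open question for the moby developers.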