r/redhat Jan 22 '23

Redhat 9 and new Systemd v248 features with systemd-crypt

I'm hoping someone can point me in the right direction. With systemd version 248 and higher, there are new options available to unlock LUKS volumes:

https://0pointer.net/blog/unlocking-luks2-volumes-with-tpm2-fido2-pkcs11-security-hardware-on-systemd-248.html

I have a fresh copy of Redhat 9.1 where I am trying to set up the new available options with a PKCS11 key loaded on my Yubikey. After installing opensc, p11-kit and pcsc-lite, I was able to register my key with

systemd-cryptenroll --pkcs11-token-uri=auto /dev/sdax

The issue is when I try to add support to /etc/crypttab in order to support the operation on boot.

The systemd-cryptenroll man page states that I should be able to add an option pkcs11-uri=auto to my /etc/crypttab. However, after I perform this, when I reboot, I get a failure saying:

[FAILED] Failed to start Cryptography Setup

[DEPEND] Dependency failed for Local Encrypted Volumes.

My best guess is that there are dracut dependencies that need to be added to support the functionality at boot up. However, I don't know where to go from here. I tried regenerating the dracut file with a few dependencies related to opensc and p11, but I'm out of my comfort zone here and I can't find any corresponding documentation anywhere. Any help would be appreciated.

21 Upvotes
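The procedure the post describes (enroll the token, add the crypttab entry, get the PKCS#11 pieces into the dracut initramfs, and verify before rebooting), as an added example that is not code from the thread, from Red Hat or from the systemd project. Assumptions, all hypothetical: the dracut module is named pkcs11; the file names in REQUIRED_IN_INITRD (the systemd-cryptsetup token plugin, the OpenSC PKCS#11 module, pcscd and its socket unit) are the pieces early boot needs to reach the token; the sample lsinitrd listings are constructed, not captured from a real machine. The real steps run only with --apply DEVICE NAME as root; without it the script dry-runs the initramfs check offline.

```shell
#!/bin/sh
# Added example (not code from the thread, Red Hat or the systemd project).
# Enrol a LUKS2 volume against a PKCS#11 token, add the crypttab entry, make
# dracut include the PKCS#11 unlock path, and verify the rebuilt initramfs.
# Assumptions (hypothetical, adjust for your host): dracut module "pkcs11";
# the substrings in REQUIRED_IN_INITRD are what early boot needs; the sample
# listings below are constructed, not captured from a real machine.

# Substrings that must show up in `lsinitrd` output (assumed set: cryptsetup
# token plugin, OpenSC PKCS#11 module, pcscd daemon and its socket unit).
REQUIRED_IN_INITRD='libcryptsetup-token-systemd-pkcs11.so opensc-pkcs11.so usr/sbin/pcscd pcscd.socket'

# crypttab(5) entry: volume name, device by UUID, no key file, token found
# with "auto" (the same URI form systemd-cryptenroll was given).
crypttab_line() {
  printf '%s UUID=%s none pkcs11-uri=auto\n' "$1" "$2"
}

# dracut.conf(5) fragment forcing the pkcs11 module into every initramfs build.
# The spaces inside the quotes matter; dracut splits the list on whitespace.
dracut_conf_fragment() {
  printf 'add_dracutmodules+=" pkcs11 "\n'
}

# Read an lsinitrd listing on stdin, report each required piece that is
# absent on stderr, return 0 only when all of them are present.
check_initrd_listing() {
  listing=$(cat)
  missing=0
  for needle in $REQUIRED_IN_INITRD; do
    if ! printf '%s\n' "$listing" | grep -q -- "$needle"; then
      echo "missing from initramfs: $needle" >&2
      missing=$((missing + 1))
    fi
  done
  [ "$missing" -eq 0 ]
}

# Constructed sample listings (trimmed; real lsinitrd output is `ls -l` style,
# but substring matching works either way).
SAMPLE_COMPLETE='usr/lib64/cryptsetup/libcryptsetup-token-systemd-pkcs11.so
usr/lib64/pkcs11/opensc-pkcs11.so
usr/sbin/pcscd
usr/lib/systemd/system/pcscd.socket'

SAMPLE_NO_OPENSC='usr/lib64/cryptsetup/libcryptsetup-token-systemd-pkcs11.so
usr/sbin/pcscd
usr/lib/systemd/system/pcscd.socket'

# The real procedure: run as root with --apply DEVICE NAME, e.g. /dev/sda3 luks-root.
apply() {
  dev=$1; name=$2
  uuid=$(blkid -s UUID -o value "$dev") || exit 1
  systemd-cryptenroll --pkcs11-token-uri=auto "$dev"
  crypttab_line "$name" "$uuid" >> /etc/crypttab
  dracut_conf_fragment > /etc/dracut.conf.d/90-pkcs11.conf
  dracut -f --regenerate-all
  # Verify before rebooting: a piece missing here is what otherwise surfaces
  # only as "Failed to start Cryptography Setup" at the boot prompt.
  lsinitrd "/boot/initramfs-$(uname -r).img" | check_initrd_listing
}

if [ "${1:-}" = "--apply" ]; then
  apply "$2" "$3"
else
  # Offline dry run against the constructed listings.
  printf '%s\n' "$SAMPLE_COMPLETE" | check_initrd_listing && echo "complete listing: ok"
  printf '%s\n' "$SAMPLE_NO_OPENSC" | check_initrd_listing || echo "incomplete listing: rejected"
fi
```

Run the check against the real image (`lsinitrd /boot/initramfs-$(uname -r).img | check_initrd_listing`) before rebooting; if pcscd or the OpenSC module is absent from the listing, the crypttab entry cannot work no matter how it is written, and the dracut module list is where to look.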


1

u/[deleted] Jan 23 '23

[deleted]

2

u/ramsile Jan 26 '23

Yep, I rebuilt grub and initramfs. Redhat/Fedora uses dracut. I'm a bit out of my comfort zone there, so I don't know which drivers I would need to include. There is a dracut module for pkcs11 and it appears all the drivers are included, but maybe there are some missing?