Dear bind-users, I wrote a wiki page describing how to integrate stock BIND 9 with PKCS#11 HSMs using OpenSSL PKCS#11 engine (from OpenSC project):
https://gitlab.isc.org/isc-projects/bind9/-/wikis/BIND-9-PKCS11 If you ever worked with HSM (and even better with BIND 9 and HSMs), I would appreciate if you can take a look, and perhaps try the method and report back success / failure? I understand that the PKCS#11 interface in BIND 9 isn’t very human friendly, but most of it comes from the fact that PKCS#11 itself isn’t human friendly. That said, we will look how to improve the experience of using HSMs with BIND 9, so don’t be afraid to fill issues and feature requests in BIND 9 GitLab issue tracker: https://gitlab.isc.org/isc-projects/bind9/issues Ondrej -- Ondřej Surý ond...@isc.org _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users