Hi, I am currently setting up a test bed installation for a medium sized PKI installation. We have chosen OpenCA for Level 2 CA and RA and want to use HSMs for private key protection. I've set up a OpenCA 0.9.2 RC4 test install for this purpose.
We have not yet decided which HSM we are going to use in the end, but it looks pretty much like we will choose nCipher nFast PCI modules. Currently I have one nFast 150 module for testing, and I can use it properly with OpenSSL (CHIL engine). I have written some shell scripts that server well for a rudimentary Root CA, and everything is running smoothly with it, including access control divided to two distinct operators for private key operations. Now I am trying to figure out the semantic of the LunaCA3 module that is supported by OpenCA to adapt it for the nCipher module. However, I want to include it in OpenCA and would be willing to contribute my results to the project. Is the OpenCA development community interested in this? I could need some help in identifying what needs to be done to add the nCipher HSM. Cheers, Martin ------------------------------------------------------- This SF.Net email is sponsored by: Oracle 10g Get certified on the hottest thing ever to hit the market... Oracle 10g. Take an Oracle 10g class now, and we'll give you the exam FREE. http://ads.osdn.com/?ad_id=3149&alloc_id=8166&op=click _______________________________________________ OpenCA-Devel mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/openca-devel
