Re: [OpenCA-Devel] New HSM - Problems

Massimiliano Pala Thu, 30 Jun 2005 04:59:02 -0700

Martin Bartosch wrote:
[...]

I'd suggest to configure the CA token to use the HSM, that way you can
use HSM protected key for certificate and CRL issuance.
The default token could be configured to use the OpenSSL (software)
module but use the OpenSSL -engine option for genrsa to utilize the
hardware RNG of the module.


Thanks, this was also the answer from Michael... :-D I'll do it this
way and report back to the list as soon as I'll have the module working...

--

Best Regards,

        Massimiliano Pala

--o------------------------------------------------------------------------
Massimiliano Pala [OpenCA Project Manager]      [EMAIL PROTECTED]
                                                Tel.:   +39 (0)11  564 7081
http://security.polito.it                       Fax:    +39   178  270 2077
                                                Mobile: +39 (0)347 7222 365

Politecnico di Torino (EuroPKI)
Certification Authority Informations:

Authority Access Point                                  http://ca.polito.it
Authority's Certificate:          http://ca.polito.it/ca_cert/en_index.html
Certificate Revocation List:              http://ca.polito.it/crl02/crl.crl
--o------------------------------------------------------------------------

smime.p7s
Description: S/MIME Cryptographic Signature

Re: [OpenCA-Devel] New HSM - Problems

Reply via email to