dear friends of openca, i have tested openca with an nCipher nShield hsm and everything works.
reading the openca sources i saw that it uses an openssl command to, for example, signing certificate through engine CHIL (something like openssl ca xxx xxx -passin -keyfile ....) in order to signing certificates it is necessary to open the hsm with its operator card set (/opt/nfast/bin/with-nfast pause) before executing the openssl ca command. i would like to know how does openca get the hsm password to load the private key to sign the certificate? (for example how openca can use the private key store in hsm throug chil engine) one of the openssl ca command options is -passin arg, and openca uses -passin env:pwd, how openca gets the passwords? best regards. antonio araujo __________________________________________________ Correo Yahoo! Espacio para todos tus mensajes, antivirus y antispam ¡gratis! Regístrate ya - http://correo.espanol.yahoo.com/ ------------------------------------------------------- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642 _______________________________________________ OpenCA-Devel mailing list OpenCA-Devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openca-devel
