I plan to setup an OpenCA platform and use openssl-0.9.7 with the CC2000 Bull TrustWay PKCS#11 enable device (see last patch I have submitted to openssl). The cryptographic hardware is used for generate keys, store private keys and accelerate any RSA operations. So, I installed openssl-0.9.7 (with the pkcs#11 engine patch applied), apache-mod_ssl (with a specific patch to work with a pkcs#11 cryptodevice) and openca-0.9.0 on a linux machine. I have some questions: 1- Is it possible to setup ca, ra, and pub on the same server for testing? 2- Is there a way to initialize openca to use an openssl engine, pkcs11 in our case, instead of SSLeay software crypto; and then call openssl with the good parameters (openssl $cmd -engine pkcs11 -keyform e $arg)? 3- Do you have some documentation to explain roles & rights? 4- What's the export/import format on the floppy and is it possible to change it? 5- How can I disable HSM login/logout in 0.9.1 ?
Thanks and Best regards, [EMAIL PROTECTED] Bull TrustWay, R&D ------------------------------------------------------- This SF.NET email is sponsored by: SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See! http://www.vasoftware.com _______________________________________________ Openca-Users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/openca-users
