There seems to be an issue with the sca6000 card when you have more than 255 keys in a keystore. Reduce the number of keys and you should be ok.
Regards Andy -----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of Benjamin Zwittnig Sent: Friday, November 12, 2010 12:31 PM To: [email protected] Subject: [Opendnssec-user] sca6000 Hi, I am testing sca6000 to use it with opendnssec. During some tests I have encountered some problems. - sca6000 would hang after creating 269 keys (I tried to create 500 rsa 2048 keys with pkcs11-tool and the card stopped responding after 269 keys) - size of keys does not matter (the card stops responding after 269 keys of size 1024 as well) - key listing (after card reset) with pkcs11-tool or ods-hsmutil gives suspicious result - consequent listings of an idle card do not output the same result (every time the list is longer for the number of keys on the card) Attached is a listing of keys done with 'ods-hsmutil list sca6000'. Keys on the list are not unique! Does anybody know what else might be wrong? Regards, Benjamin P.s.: # /opt/sun/sca6000/bin/scamgr -V scamgr (Sun Crypto Accelerator 6000) 1.1 # uname -a Linux Test 2.6.18-194.17.4.el5 #1 SMP Mon Oct 25 15:50:53 EDT 2010 x86_64 x86_64 x86_64 GNU/Linux _______________________________________________ Opendnssec-user mailing list [email protected] https://lists.opendnssec.org/mailman/listinfo/opendnssec-user
