Hi group, https://openxpki.readthedocs.org/en/latest/reference/configuration/realm.html#crypto-layer
As I understand, the docs say: 1. Literal secrets provide no safety at all 2. Plain secrets require operator's intervention after every reboot, for each realm. 3. Split secrets are not implemented? I have currently 12 realms, is there a way to be on the relatively safe and survive daemon reboots without need to log into each of 12 realms evertime? I don't assume that my daemons will have 1000 day uptime, for example I may need to stop them everynight to make a consistent system backup. Am I right, that "Your system is critical" message suggest me, that without signer's secret available, the whole machinery actually doesn't work (automatic CRL updates/issuance for example?). Best regards! -- Pawel Tomulik ------------------------------------------------------------------------------ Want excitement? Manually upgrade your production database. When you want reliability, choose Perforce Perforce version control. Predictably reliable. http://pubads.g.doubleclick.net/gampad/clk?id=157508191&iu=/4140/ostg.clktrk _______________________________________________ OpenXPKI-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openxpki-users
