Dear OpenXPKI User, I want to setup openXPKI with HSM (Gemalto ProtectServer +). Is there anyone who had experienced?
At first, I wonder how can I configure key location of HSM. OpenXPKI document says, "*Move the key files to /etc/openxpki/ssl/ca-one/ *and name them ca-one-signer-1.pem, ca-one-vault-1.pem, ca-one-scep-1.pem. *The key files must be readable by the openxpki user*, so we recommend to make them owned by the openxpki user with mode 0400. Now import the certificates to the database." I can move my certificates to /etc/openxpki/ssl/ca-one/, except the keys of my hsm and name them like that. Then how openxpki app can read my keys in the hsm? I cannot find any configurations regarding HSM for key management. Best regards, Sang-Ho Na -- --------------------------------------------------------------------------------------- *Korea Institute of Science and Technology Information(KISTI)* *G*lobal *S*cience experimental *D*ata hub *C*enter Sang-Ho Na Senior Researcher / Ph.D. E-mail: [email protected] / [email protected] Phone: +82-42-869-0663 Fax: +82-42-869-1015 Mobile: +82-10-7193-7295 address : 245, Daehak-ro, Yusong-gu, Daejeon, 34141, Korea ---------------------------------------------------------------------------------------
_______________________________________________ OpenXPKI-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openxpki-users
