Does anybody have split secrets working actually? Configuring shares always gives incomplete results, no matter what is entered. When no shares are configured everything works well and the key is loaded.
On Thu, May 20, 2021 at 7:20 PM Kseniya Blashchuk <[email protected]> wrote: > Hello everyone! > I am new to openxpki, I am trying to enter a split password via web > interface, however it always shows me Incomplete (1/3), I have to enter 3 > shares. Split secret was created with clca tools. What am I doing wrong? > Config: > ```# Define the secret groups > secret: > default: > # this let OpenXPKI use the secret of the same name from > system.crypto > # if you do not want to share the secret just replace this line > with > # the config found in system.crypto. You can create additional > secrets > # by adding similar blocks with another key > import: 1 > keys: > # this let OpenXPKI use the secret of the same name from > system.crypto > # if you do not want to share the secret just replace this line > with > # the config found in system.crypto. You can create additional > secrets > # by adding similar blocks with another key > import: 0 > label: Split secret Password > method: plain > total_shares: 3 > cache: daemon > ``` > ``` ca-signer: > inherit: default > secret: keys > key_store: DATAPOOL > key: "[% ALIAS %]" > ``` > Logs: > ```=> audit.log <== > 2021/05/20 19:07:13 openxpki.audit.system.INFO set secret part|group=keys > [pid=19|sid=Lsyr] > > ==> catchall.log <== > 2021/05/20 19:07:13 openxpki.audit.system.INFO set secret > partHASH(0x56309d1741a8) [pid=19|sid=Lsyr] > > ==> webui.log <== > 2021/05/20 16:07:13 INF Secret was sent [pid=70|sid=10d2] > 2021/05/20 16:07:13 INF Resume backend session with id > LsyrFOtHSJSiz7LJS/rUhA== [pid=70|sid=10d2]``` >
_______________________________________________ OpenXPKI-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openxpki-users
