Hi Scotty, I have never tried this with the YubiKey but we had issues with other HSM drivers as the Vault token needs to support encrypt/decrypt which is not supported by some drivers.
The old SCEP server (up to 3.16) does not support HSM tokens but the new SCEP server should work, just keep in mind that any incoming SCEP request requires a crypto operation so this will have an impact on the performance. Oliver Am 19.04.22 um 19:06 schrieb Scott Thomas via OpenXPKI-users: > Hi, > > I tried to store the vault key on YubiHSM on the exactly same pattern > like the CA signer key which was working fine. But i receive the error > on GUI "*Encryption key needed to decrypt password safe entry is > unavailable*". > > Does OpenXPKI support loading the Vault & SCEP key from YubiHSM2? > > Regards > Scotty > > > > _______________________________________________ > OpenXPKI-users mailing list > OpenXPKI-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/openxpki-users -- Protect your environment - close windows and adopt a penguin!
_______________________________________________ OpenXPKI-users mailing list OpenXPKI-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openxpki-users
