[Pki-devel] [PATCH] 866 Fixed problem installing subordinate CA with HSM in FIPS mode.
Endi Sukma Dewata
edewata at redhat.com
Tue Nov 15 21:57:49 UTC 2016
Due to certutil issue (bug #1393668) the installation code has
been modified to import certificates into the NSS database in
two steps. This workaround is needed to install subordinate CA
with HSM in FIPS mode.
First, the certificate will be imported into the HSM using the
HSM password without the trust attributes. Then, the certificate
will be imported into the internal token using the internal token
password with the trust attributes.
https://fedorahosted.org/pki/ticket/2543
--
Endi S. Dewata
-------------- next part --------------
A non-text attachment was scrubbed...
Name: pki-edewata-0866-Fixed-problem-installing-subordinate-CA-with-HSM-in-.patch
Type: text/x-patch
Size: 4630 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/pki-devel/attachments/20161115/a923cb64/attachment.bin>
More information about the Pki-devel
mailing list