[Pki-users] CA integration and installation with HSM
Dennis Gnatowski
dgnatowski at yahoo.com
Sun Nov 2 17:09:33 UTC 2014
What are the steps to integrate DogTag (Root) CA with an HSM? Does this have to occur during installation?
I've successfully performed a general installation with CA keys in software. I was then able to modify secmod.db to add the HSM library and restart the system. I can both use command line utilities (certutil) and GUI (pkiconsole) to create keys on the HSM. Re-keying the caSigning certificate works but the CA certificate is issued (issuer) by the original software-based issuer (therefore NOT a self-signed CA cert!). So I assume this has to be done during initial installation (custom install). But, how do I get the HSM PKCS#11 library added/included with the custom install?
-----------------------------------------------------------
Dennis Gnatowski
dgnatowski at yahoo.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/pki-users/attachments/20141102/6e4e94c7/attachment.htm>
More information about the Pki-users
mailing list