[Pki-users] Dogtag 10 HSM Support
Elliott William C OSS sIT
WilliamC.Elliott at s-itsolutions.at
Wed Oct 19 18:29:16 UTC 2016
Great - we'll give it a try.
as a side note: we had issues last year with Dogtag 9 and the latest fw at the time, and were unable to resolve them
with safenet support. We stayed with an older fw version (at startup, dogtag calls to hsm reliably *killed* the
internal connection of the appliance itself to the hsm unit - rendering all partitions dead and requiring
reboot of the appliance - very nasty)
Thanks for the prompt reply.
Cheers,
William
-----Original Message-----
From: pki-users-bounces at redhat.com [mailto:pki-users-bounces at redhat.com] On Behalf Of Christina Fu
Sent: Mittwoch, 19. Oktober 2016 19:22
To: pki-users at redhat.com
Subject: Re: [Pki-users] Dogtag 10 HSM Support [heur]
On 10/19/2016 07:46 AM, Endi Sukma Dewata wrote:
> On 10/19/2016 6:29 AM, Elliott William C OSS sIT wrote:
>> Hi,
>>
>> What is the current status of HSM Support?
>> We tried to setup Dogtag 10 on RHEL7 with Safenet Luna SA HSM earlier
>> this year, but creating a CA didn't seem to support using a HSM as
>> the version 9 did.
>> Is this working now? Should it work? Will it work in the future?
>> Without it, we must use a different CA.
>>
>> Thanks in advance!
>>
>> William Elliott
>
> Hi,
>
> Dogtag 10 does support HSM including Luna SA. Please take a look at
> this page:
> http://pki.fedoraproject.org/wiki/Installing_CA_with_HSM
>
> Just be sure to use the latest available version.
>
Right. Just want to stress that older versions of the lunaSA firmware
exhibit issues which were somehow fixed in the latest firmware v6.24.0 I
think.
Christina
_______________________________________________
Pki-users mailing list
Pki-users at redhat.com
https://www.redhat.com/mailman/listinfo/pki-users
More information about the Pki-users
mailing list