[Pki-users] Dogtag 10 HSM Support

Christina Fu cfu at redhat.com
Wed Oct 19 20:32:24 UTC 2016 

yes that sounds like exactly what we experienced before getting the 
latest update recently.

regards,

Christina


On 10/19/2016 11:29 AM, Elliott William C OSS sIT wrote:
> Great - we'll give it a try.
>
> as a side note: we had issues last year with Dogtag 9 and the latest fw at the time, and were unable to resolve them
> with safenet support. We stayed with an older fw version (at startup, dogtag calls to hsm reliably *killed* the
> internal connection of the appliance itself to the hsm unit - rendering all partitions dead and requiring
> reboot of the appliance - very nasty)
>
> Thanks for the prompt reply.
>
> Cheers,
> William
>
> -----Original Message-----
> From: pki-users-bounces at redhat.com [mailto:pki-users-bounces at redhat.com] On Behalf Of Christina Fu
> Sent: Mittwoch, 19. Oktober 2016 19:22
> To: pki-users at redhat.com
> Subject: Re: [Pki-users] Dogtag 10 HSM Support [heur]
>
>
>
> On 10/19/2016 07:46 AM, Endi Sukma Dewata wrote:
>> On 10/19/2016 6:29 AM, Elliott William C OSS sIT wrote:
>>> Hi,
>>>
>>> What is the current status of HSM Support?
>>> We tried to setup Dogtag 10 on RHEL7 with Safenet Luna SA HSM earlier
>>> this year, but creating a CA didn't seem to support using a HSM as
>>> the version 9 did.
>>> Is this working now? Should it work? Will it work in the future?
>>> Without it, we must use a different CA.
>>>
>>> Thanks in advance!
>>>
>>>      William Elliott
>> Hi,
>>
>> Dogtag 10 does support HSM including Luna SA. Please take a look at
>> this page:
>> http://pki.fedoraproject.org/wiki/Installing_CA_with_HSM
>>
>> Just be sure to use the latest available version.
>>
> Right.  Just want to stress that older versions of the lunaSA firmware
> exhibit issues which were somehow fixed in the latest firmware v6.24.0 I
> think.
>
> Christina
>
> _______________________________________________
> Pki-users mailing list
> Pki-users at redhat.com
> https://www.redhat.com/mailman/listinfo/pki-users
>
> _______________________________________________
> Pki-users mailing list
> Pki-users at redhat.com
> https://www.redhat.com/mailman/listinfo/pki-users

More information about the Pki-users mailing list