Hi Johnny,
concerning the long time taken by the OpenCA::Token::nCipher module
for private key operations I will create a fix and test it in my
environment after July 11th.
For the time being to improve the speed of certificate and CRL issuance
you can try the following:
In the nCipher.pm file locate the login() method and add a
'return 1;' line before the actual check is called. Your method
should now look like this:
sub login {
my $self = shift;
return 1;
# check if key is online
if ($self->online() and $self->keyOnline()) {
$self->{ONLINE} = 1;
return 1;
}
return undef;
}
This will disable the HSM infrastructure and key online checks and
should result in a very low latency when performing private key
operations. However, if the key is not usable, you will get an
error, of course.
Martin
-------------------------------------------------------
SF.Net email is sponsored by: Discover Easy Linux Migration Strategies
from IBM. Find simple to follow Roadmaps, straightforward articles,
informative Webcasts and more! Get everything you need to get up to
speed, fast. http://ads.osdn.com/?ad_idt77&alloc_id�492&op=click
_______________________________________________
Openca-Users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/openca-users
