Re: [Openca-Users] Very high times issuing certificates with nCipher

[Johnny Gonzalez]

Hello Martin,

 

Thanks a lot for your help, I will follow the instructions to reduce the time it takes to issue every certificate.

 

Johnny

Martin Bartosch <[EMAIL PROTECTED]> escribió:

Hi Johnny,

concerning the long time taken by the OpenCA::Token::nCipher module
for private key operations I will create a fix and test it in my
environment after July 11th.

For the time being to improve the speed of certificate and CRL issuance
you can try the following:

In the nCipher.pm file locate the login() method and add a
'return 1;' line before the actual check is called. Your method
should now look like this:

sub login {
my $self = shift;
return 1;

# check if key is online
if ($self->online() and $self->keyOnline()) {
$self->{ONLINE} = 1;
return 1;
}
return undef;
}

This will disable the HSM infrastructure and key online checks and
should result in a very low latency when performing private key
operations. However, if the key is not usable, you will get an
error, of course.

Martin




-------------------------------------------------------
SF.Net email is sponsored by: Discover Easy Linux Migration Strategies
from IBM. Find simple to follow Roadmaps, straightforward articles,
informative Webcasts and more! Get everything you need to get up to
speed, fast. http://ads.osdn.com/?ad_idt77&alloc_id492&op=click
_______________________________________________
Openca-Users mailing list
Openca-Users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openca-users

---

Correo Yahoo!
Comprueba qué es nuevo, aquí
http://correo.yahoo.es