Hello,
I try to configure openxpki to use the "plain" method on the datasafe token
but I have the following error :
2021/08/09 10:40:53 I18N_OPENXPKI_CRYPTO_OPENSSL_ENGINE_GET_PASSWD_UNDEF
Error running command: I18N_OPENXPKI_CRYPTO_OPENSSL_ENGINE_GET_PASSWD_UNDEF
at /usr/share/perl5/OpenXPKI/Client/Simple.pm line 461.
When I execute the following command :
openxpkiadm alias --file /home/tna/DataVault-1.crt --realm SCLEWebServer
--token datasafe --key /home/tna/DataVault-1.key
My configuration is the following :
----------------------------------------------------------------------------
-------------
Crypto.yaml :
type:
certsign: ca-signer-ws
datasafe: vault-ws
token:
default:
backend: OpenXPKI::Crypto::Backend::OpenSSL
key: /etc/openxpki/local/keys/[% PKI_REALM %]/[% ALIAS %].pem
engine: OpenSSL
engine_section: ''
engine_usage: ''
key_store: OPENXPKI
shell: /usr/bin/openssl
wrapper: ''
randfile: /var/openxpki/rand
secret: default
ca-signer-ws:
inherit: default
key_store: DATAPOOL
key: "[% ALIAS %]"
vault-ws:
inherit: default
key: /etc/openxpki/local/keys/[% ALIAS %].pem
secret: dataprotect
# Define the secret groups
secret:
default:
import: 1
dataprotect:
label: Database protection key
export: 0
method: plain
cache: daemon
----------------------------------------------------------------------------
-------------
If I try with the "literal" method and the value associated for the
password, it works perfectly.
I haven't try yet to import the ca signer token but I think it will be the
same problem.
Could you help me to solve this problem ?
Best regards,
Thierry
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ OpenXPKI-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openxpki-users
