Hi, you can use the YubiHSM with the PKCS11 Engine to store your CA key.
What is the intention on storing user keys on the CAs HSM? It is not possible by "simple" configuration but we have done a similar setup for a customer to generate keys on a HSM secured Loadbalancer by replacing the "generate_key" activity by a custom shell script. Oliver Am 03.02.22 um 02:23 schrieb Scott Thomas via OpenXPKI-users: > Bonjour Users, > > YubiHSM can support 127x RSA 2048 or 65x RSA 4096 keypairs. I want to > incorporate YubiHSM for the storage of 1x CA key of RSA 4096 and user > keypairs of RSA 2048. > Can I configure OpenXPKI to store the CA key and user generated keys > which are generated through the web interface? > > Cheers > Scotty > > Sent from Yahoo Mail on Android > <https://go.onelink.me/107872968?pid=InProduct&c=Global_Internal_YGrowth_AndroidEmailSig__AndroidUsers&af_wl=ym&af_sub1=Internal&af_sub2=Global_YGrowth&af_sub3=EmailSignature> > > > _______________________________________________ > OpenXPKI-users mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/openxpki-users -- Protect your environment - close windows and adopt a penguin!
_______________________________________________ OpenXPKI-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openxpki-users
