Hi,
> Thanks it mostly did the trick – but still some issues. It seems token
> rollover didn’t work. The crl issuance is trying to use casigner-1, but alias
> with current cert is for casigner-2.
> I also verified with openssl that crl issuance does work manually.
> Maybe this is a novice
Thanks it mostly did the trick – but still some issues. It seems token rollover
didn’t work.
The crl issuance is trying to use casigner-1, but alias with current cert is
for casigner-2.
I also verified with openssl that crl issuance does work manually.
Maybe this is a novice error,
Hi Henri,
from the docs of the module ;)
=head1Configuration
Set Iand set the Iattribute to point to
the fake-key file (supports local file or datapool as with plain
OpenSSL software keys).
best regards
Oliver
On 17.01.24 14:38, henri.sunde...@iki.fi wrote:
Is it possible to configure
Is it possible to configure OpenXPKI with AWS CloudHSM Dynamic Engine?
I tried something like this in crypto.yaml:
casigner:
backend: OpenXPKI::Crypto::Backend::OpenSSL
key: /etc/openxpki/ca/subca_private_ref.pem
engine: cloudhsm
engine_section: |
engine_id = cloudhsm
Hi Jeremy,
if a commercial product is an alternative: we have rewriten the "old"
perl based CertNanny project in GoLang which is a nicely featured
enrollment client that works perfectly with OpenXPKIs RPC interface (and
also other CAs using SCEP/EST), runs on Linux/Mac/Win and comes with a