Re: [Pki-devel] [PATCH] 866 Fixed problem installing subordinate CA with HSM in FIPS mode.

Due to certutil issue (bug #1393668) the installation code has been modified to import certificates into the NSS database in two steps. This workaround is needed to install subordinate CA with HSM in FIPS mode. First, the certificate will be imported into the HSM using the HSM password without the trust attributes. Then, the certificate will be imported into the internal token using the internal token password with the trust attributes. https://fedorahosted.org/pki/ticket/2543 _______________________________________________ Pki-devel mailing list Pki-devel(a)redhat.com https://www.redhat.com/mailman/listinfo/pki-devel