[Pki-users] CA integration and installation with HSM

What are the steps to integrate DogTag (Root) CA with an HSM? Does this have to occur during installation? I've successfully performed a general installation with CA keys in software. I was then able to modify secmod.db to add the HSM library and restart the system. I can both use command line utilities (certutil) and GUI (pkiconsole) to create keys on the HSM. Re-keying the caSigning certificate works but the CA certificate is issued (issuer) by the original software-based issuer (therefore NOT a self-signed CA cert!). So I assume this has to be done during initial installation (custom install). But, how do I get the HSM PKCS#11 library added/included with the custom install? ----------------------------------------------------------- Dennis Gnatowski dgnatowski(a)yahoo.com