Javi,

The documentation was for RHCS8.1, for which the installation wizard would find the right supported modules.

For Dogtag, we have a ticket open for https://fedorahosted.org/pki/ticket/1200 make sure pkispawn works with hsm

I never tried it myself with pkispawn, but I imagine you can try looking up all the parameters with the name "token" in it in /etc/pki/default.cfg, and create a custom cfg files that contain these parameters with the right token name.
That is of course under the assumption that you have set up the HSM and the library with the secmod using modutil.

Let us know what happens. You can also contribute by adding your findings in the ticket yourself and we will take that into account when the ticket is being worked on.

Christina

On 02/03/2015 09:15 AM, Javier Gallart wrote:

Hello

we are trying to setup Dogtag 10.2.1 with a Nshield Solo as HSM. We haven't found a specific guide for this apart from the RedHat documentation:

https://access.redhat.com/documentation/en-US/Red_Hat_Certificate_System/8.1/html/Deploy_and_Install_Guide/using-tokens.html

The guide states: "The Certificate System supports the nCipher netHSM hardware security module (HSM) by default".

Does that mean that pkispawn will detect the module and use it or any manual intervention is required afterwards?

Regards

Javi
_______________________________________________
Pki-users mailing list
Pki-users@redhat.com
https://www.redhat.com/mailman/listinfo/pki-users