[Opendnssec-user] Opendnssec on Centos5 using Sun SCA6000
B C
brettlists at gmail.com
Thu Nov 5 11:05:37 UTC 2009
Does anybody have any experience in getting this combination to work?
I have the following packages installed
sun-sca6000-man-1.1-3
sun-nss-3.11.7-2
sun-sca6000-libs-1.1-2
sun-sca6000-admin-1.1-3
sun-sca6000-var-1.1-2
sun-sca6000-config-1.1-2
sun-sca6000-firmware-1.1-3
sun-nspr-4.6.7-2
sun-sca6000-1.1-5
along with all the pre-reqs for opendnssec.
This has enabled me to use the scamgr util to talk to the SCA6000 initialise
it and create a keystore.
The problem comes when I try to get opendnssec to talk to the SCA6000
With this in my conf.xml:
<Repository name="sca6000">
<Module>/opt/sun/sca6000/lib64/libpkcs11_sca.so</Module>
<TokenLabel>Sun Metaslot</TokenLabel>
<PIN>opendnssec:password</PIN>
<Capacity>1000</Capacity>
<RequireBackup/>
</Repository>
If I run: ods-hsmutil list
I get the error:
hsm_session_init(): PKCS#11 module load failed:
/opt/sun/sca6000/lib64/libpkcs11_sca.so
I get the same error if I change the module to lib instead of lib64
It was suggested to me already that I should be using the
module /usr/lib64/opencryptoki/PKCS11_API.so
When I change that in conf.xml I then get the following error:
ods-hsmutil list
Initialization: CKR_HOST_MEMORY
Has anybody got this combination to work and have any idea where I am going
wrong.
Brett
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opendnssec.org/pipermail/opendnssec-user/attachments/20091105/5959ff4c/attachment.htm>
More information about the Opendnssec-user
mailing list