[Opendnssec-user]About AEP Keyper Testing
Paul Wouters
paul at nohats.ca
Fri Feb 1 06:19:11 UTC 2013
On Tue, 29 Jan 2013, Dave Knight wrote:
> We use Keypers, here's the relevant config snippet
>
> <RepositoryList>
>
> <Repository name="default">
> <Module>/path/to/keyper/library/pkcs11.GCC4.0.2.so.4.07</Module>
That's not the latest version. I have /usr/lib64/pkcs11.Linux_i64.so.4.10 from aep-4.10.tar.gz
Our conf.xml snippit:
<Repository name="AEP">
<Module>/usr/lib64/pkcs11.Linux_i64.so.4.10</Module>
<TokenLabel>CAKSK</TokenLabel>
<PIN>yourpin</PIN>
<!--
<SkipPublicKey/>
-->
</Repository>
The removal of SkipPublicKey is needed if you also want to use it to
sign with bind using the HSM.
Paul
More information about the Opendnssec-user
mailing list