[Opendnssec-user] OpenDNSSEC with SafeNet Luna HSM
Roman Serbski
mefystofel at gmail.com
Thu May 12 17:54:41 UTC 2016
Hello,
Anyone here using SafeNet Luna HSM?
We're using latest OpenDNSSEC 1.4.10 with SoftHSM under FreeBSD 10,
and I'm trying to integrate a pair of SafeNet Luna HSMs (network
based) for a newly created domains.
I managed to install SafeNet 6.2.0 software (lunacm, vtl, htl_client
and libcryptoki), register the server, create HA slot, and assign a
partition.
I understand that I'll have to modify conf.xml to include additional
repository (with the path to libCryptoki2_64.so and relevant partition
password), and then duplicate and adjust the policy in kasp.xml, but
before that I guess I need to initialize a slot?
Do I need to follow 'softhsm --init-token ...' procedure (I noticed
that there is --module <path> directive)? Or OpenDNSSEC has to be
recompiled with libCryptoki2_64.so support?
Many thanks and sorry in advance if it's too obvious.
More information about the Opendnssec-user
mailing list