You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
One signer should be the default which will be used for generating new key pairs. Other signers will be used to work with keys that were previously created with those signers. Extend KrillSigner functions to lookup the signer to use based on the Key Identifier, or in the case of key generation by using the signer marked as the “default”. Only the SoftSigner exists at this point but the collection should support any signer implementation.
The text was updated successfully, but these errors were encountered:
Support multiple signers of different types behind a HSM feature flag, and support in principle selecting which signer to use for which purpose. (#539)
* Support multiple signers of different types behind a `hsm` feature flag, and support in principle selecting which signer to use for which purpose (#539). Note: Currently only usable in combination with a new`hsm-tests` feature flag due to lack of any actual means to select an alternate signer via code or config.
* Replaces the dummy signer with a KMIP signer (#566) and supporting dependencies `kmip-protocol` (#557, #558, #559), `backoff` (retry support), `r2d2` (connection pooling support). Adds a `hsm-tests` feature flag for testing exclusively with KMIP, i.e. not using the OpenSSL signer at all.
* Adds a GitHub Actions `hsmtest` CI job that tests Krill integration with a co-installed PyKMIP instance (#560, #561, #683).
One signer should be the default which will be used for generating new key pairs. Other signers will be used to work with keys that were previously created with those signers. Extend KrillSigner functions to lookup the signer to use based on the Key Identifier, or in the case of key generation by using the signer marked as the “default”. Only the SoftSigner exists at this point but the collection should support any signer implementation.
The text was updated successfully, but these errors were encountered: