Skip to content

Go PKCS#11 helper module for certificate signing using HSMs.

License

Notifications You must be signed in to change notification settings

v1sion/pkcs11helper

 
 

Repository files navigation

pkcs11helper

Go PKCS#11 helper module for certificate signing using HSMs.

Setup

The Setup instructions help get an HSM up and running with a usable signed Intermediate CA.

SoftHSM2, Thales SafeNet DPoD and Entrust nShield HSMs are currently documented, though any PKCS#11 compliant HSM should work.

Test

The casigner11 command line client is work in progress, as is this documentation.

Once the signed Intermediate issuing CA cert has been produced, use TestCASigner to try out the HSM signer.

Check TESTING for more instructions.

A Vault plugin is also available which uses this pkcs11helper module to add support for HSM backed PKI.

License

HSM PKI for Vault was sponsored by BT UK and developed by mode51 Software under the Mozilla Public License v2.

By Chris Newman

About

Go PKCS#11 helper module for certificate signing using HSMs.

Resources

License

Stars

Watchers

Forks

Packages

No packages published

Languages

  • Go 100.0%