Uploaded image for project: 'EJBCA'
  1. EJBCA
  2. ECA-3502

Allow system tests to use HSM when available

    Details

    • Type: Improvement
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: EJBCA 6.1.1
    • Fix Version/s: EJBCA 6.2.0
    • Component/s: None
    • Labels:
      None

      Description

      Many of the system tests currently use a SoftCryptoToken. It would be useful to run all these tests using Pkcs11CryptoToken when available and configured to.

      It could look like this in conf/systemtests.properties:
      ...

          1. Hardware Security Module ###
      1. Full path to the PKCS#11 library
        #pkcs11.library=/opt/p11proxy/p11proxy.so
      1. The security provider the specified library and slot results in
        #pkcs11.provider=SunPKCS11-p11proxy.so-slot1
      1. By which methods we usually prefer to reference a slot.
      2. Must be one of SLOT_NUMBER, SLOT_INDEX or SLOT_LABEL
        #pkcs11.slottype.preferred=SLOT_NUMBER
      1. The pkcs11.slottypevalue.* properties below should all point to the same PKCS#11 slot.
      2. If you configure one, you should configure the others as well.

      #pkcs11.slottypevalue.number=1
      #pkcs11.slottypevalue.index=i1
      #pkcs11.slottypevalue.label=ejbca

      1. The PIN of the slot referenced by the pkcs11.slottypevalue.* properties.
        #pkcs11.slotpin=userpin1

      Note to reviewer: This ticket changes no production code. Since it involves a lot of code, confirming behaviour on Jenkins is sufficient. -mike

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              mikek Mike Agrenius Kushner
              Reporter:
              johan Johan Eklund
              Verified by:
              Samuel Lidén Borell
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: