Uploaded image for project: 'EJBCA'
  1. EJBCA
  2. ECA-5956

Encrypt keypair for key recovery using a selectable crypto token, for local key generation

    Details

    • Type: New Feature
    • Status: Closed
    • Priority: Minor
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: EJBCA 6.9.0
    • Component/s: RA UI
    • Labels:
    • Issue discovered during:
      Another issue
    • Sprint:
      6.9.0 Sprint 2

      Description

      Currently, key pairs in the KeyRecoveryData table are encrypted and decrypted using the CAs defaultKey. This does not work with delegated key recovery, since we don't want the CA to have to keys.

      Instead, it should be possible to select a key for encrypting locally generated key pairs on the RA. See ECA-5954 for the GUI part.

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              samuel Samuel Lidén Borell
              Reporter:
              samuel Samuel Lidén Borell
              Verified by:
              Henrik Sunmark, Mike Agrenius Kushner
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: