cacert-gosigner/README.md

24 lines
561 B
Markdown
Raw Normal View History

# Running with softhsm2
## Setup HSM keys and certificates
```
sudo apt install softhsm2
umask 077
mkdir -p ~/.config/softhsm2/tokens
echo "directories.tokendir = $HOME/.config/softhsm2/tokens/" > ~/.config/softhsm2/softhsm2.conf
cp docs/config.sample.yaml config.yaml
# modify config.yaml to fit your needs
softhsm2-util --init-token --free --label localhsm --so-pin 47110815 --pin 123456
# initialize the keys
export PKCS11_PIN_LOCALHSM=123456
go run ./cmd/signer -setup
```
## Run the signer
```
export PKCS11_PIN_LOCALHSM=123456
go run ./cmd/signer
```