Update README to reflect setup

Key setup can now be done by the signer, p11tool is no longer needed for
key generation.

README.md

@@ -1,13 +1,23 @@
-# Testing with softhsm2
+# Running with softhsm2
+
+## Setup HSM keys and certificates
 
 ```
-sudo apt install softhsm2 gnutls-bin
+sudo apt install softhsm2
 umask 077
 mkdir -p ~/.config/softhsm2/tokens
 echo "directories.tokendir = $HOME/.config/softhsm2/tokens/" > ~/.config/softhsm2/softhsm2.conf
+cp docs/config.sample.yaml config.yaml
+# modify config.yaml to fit your needs
 softhsm2-util --init-token --free --label localhsm --so-pin 47110815 --pin 123456
-export TOKEN_URL=$(p11tool --list-token-urls | grep localhsm | head -1)
+# initialize the keys
-p11tool --login --outfile=rootkey2022.pub --label=rootkey2022 --generate-privkey=ECDSA --curve=secp521r1 $TOKEN_URL
+export PKCS11_PIN_LOCALHSM=123456
-go test -v ./cmd/signer/
+go run ./cmd/signer -setup
-openssl x509 -in /tmp/test.pem -noout -text
+```
+
+## Run the signer
+
+```
+export PKCS11_PIN_LOCALHSM=123456
+go run ./cmd/signer
 ```