boulder

Commit Graph

Author	SHA1	Message	Date
Roland Bracewell Shoemaker	a0a9623cb6	Switch to using SoftHSM in Docker for testing (#1920 ) Instead of reading the CA key from a file on disk into memory and using that for signing in `boulder-ca` this patch adds a new Docker container that runs SoftHSM and pkcs11-proxy in order to hold the key and perform signing operations. The pkcs11-proxy module is used by `boulder-ca` to talk to the SoftHSM container. This exercises (almost) the full pkcs11 path through boulder and will allow testing various HSM related failures in the future as well as simplifying tuning signing performance for benchmarking. Fixes #703.	2016-07-11 11:20:51 -07:00

Author

SHA1

Message

Date

Roland Bracewell Shoemaker

a0a9623cb6

Switch to using SoftHSM in Docker for testing (#1920 )

Instead of reading the CA key from a file on disk into memory and using that for signing in `boulder-ca` this patch adds a new Docker container that runs SoftHSM and pkcs11-proxy in order to hold the key and perform signing operations. The pkcs11-proxy module is used by `boulder-ca` to talk to the SoftHSM container.

This exercises (almost) the full pkcs11 path through boulder and will allow testing various HSM related failures in the future as well as simplifying tuning signing performance for benchmarking.

Fixes #703.

2016-07-11 11:20:51 -07:00

1 Commits