Hallo,
i have two Nitrokey HSM sticks. I initialized them whith a dkek. Then i created 4 rsa:2048 keypairs. For the first keypair i created a self signed CA Certificate and stored it with XCA on the nitrokey.
Then i did a backup of each key with sc-hsm-tool --wrap-key and tried to unwarp them to the second nitrokey.
That worked with the 3 keys without certificate but not with the key1 with the certificate. So i deleted the certificate from the nitrokey did a new backup but it still does not work.
On unrwapping it says:
Using reader with a card: Nitrokey Nitrokey HSM 0
Wrapped key contains:
Key blob
Key successfully imported
But with opensc15-tool -D the key does not show up
When i list the files with the opensc-explorer only a CC01 file is created no C401 and no CE01.
If i try to unwrap the backup with the certificate is says:
Using reader with a card: Nitrokey Nitrokey HSM 0
Wrapped key contains:
Key blob
Private Key Description (PRKD)
Key successfully imported
But neither the privkey nor the certificate shows up with opensc15-tool -D
When i now list the files there is also a C401 file (with the size from CE01 from the original nitrokeyHSM) but no CE01 file
What can i do to solve this problem?
(I need to preserve this key because we are already working with it)
br
Matthias