Run your own TrustCenter

Nitrokey HSM users are invited to try the new TrustCenter function in the PKI-as-a-Service Portal.

The TrustCenter function allows you to operate your own PKI, manage Nitrokey HSMs and issue certificates for people and systems.

See our blog for details.


I’ve read both blog posts and watched the video, but I do not seem to be able to find the software to run it locally on the CDN. Do you have some pointers on how to build the Docker image / install the required apps on the scripting server?

The project is hosted in the CDN and we provide a ready-to-use tarball under Files.

The source code is in the pki-as-a-service git repository. You should see that when you ssh with your DevNet-CA key into devnet.cardcontact.de. There is also a readme.md with details.

The sandbox system is for playing around. It also allows us to look in the logs if a user needs help. The sandbox system is updated frequently.


Thank you, somehow I have missed that ssh://git@devnet.cardcontact.de:222/pki-as-a-service is now available.

That is probably because I forgot to change the access condition for the repo…

Btw, did that screencast help you understand how to configure the HSM?

I’m wondering if we should produce more of those.

The PKI-as-a-Service Portal now supports the EST protocol for automatic certificate enrollment.

Details can be found in the new blog entry.


For those using a large number of Nitrokey-HSMs / SmartCard-HSMs, we’ve simplified the deployment of your private PKI-as-a-Service instance.

You can find a basic deployment script on GitHub that builds a local or remote Docker setup with the database and service.


Looks like we can’t fetch Ivy settings: Could not resolve host: jenkins.mi.cardcontact.de

It should use the public version of the Ivy settings file.

Using the settings from our internal Jenkins is only meant for in-house builds.

Does the script abort? What is the output?