...
- Modified softhsm, TPM plugin and import tool will be pre-installed and come from the base image
- During the AAF/CM/CA container init, run import.sh and sub scripts to import the CA key to either softhsm or TPM
- Needs a mount volume to present the pins, formatted keys, srkhandle srkhandle and import password for TPM import
- Needs a mount volume to present the pins, encrypted private key and passphrase for the Softhsm import
- Create org.osaaf.cm.pkcs11 file under ~/oom/kubernetes/aaf/resources/config/local/
- Change property file under ~/oom/kubernetes/aaf/resources/config/local/org.osaaf.cm.ca.props to point props
- point to .pkcs11 file
- alias
- encrypted pin
- During the LocalCA instantiation, path to pkcs11 config file, alias and the keystore pin is passed in through list of paramas
- Using these, LocalCA will add the pkcs11 provider
- load the pkcs11 keystore
- get the CA key