
The admin creates the primary key by calling the utility script create_primary.sh on the TPM-capable host, and provides the key password to OOM, which passes it on to the CA container for key import.


Distribution center container

...

This container expects a list of SRK public keys for each host under ~/volume/host_<host name>/out_parent_public and the passphrase under ~/volume/passphrase

...

INPUT

This container expects the encrypted password, passphrase, srkhandle and tpm_status.yaml under ~/volume/host_<host name>

password

...

srkhandle

tpm_status.yaml


OUTPUT

This container outputs the SRK public key under ~/volume/host_<host name>/out_parent_public and updates the tpm_status.yaml file


CA Container

INPUT

upin and sopin under ~/volume/host_<hostname> 

upin

sopin

This container expects the following files under ~/volume/host_<host name> for a TPM-capable host

srkhandle

password.txt.gpg - TPM import key password 

password - passphrase 

ca.cert
dupEncKey
dupPriv
dupPub
dupSymseed

Expects the following files under ~/volume/host_<host name> for a SoftHSM-only system

ca.cert

privkey-passphrase
privkey.pem.gpg

...
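A pre-flight check for the CA container inputs listed above, added here as an example and not part of the original page or the project's scripts. The file names come from the page; the function name, the mode names `tpm` and `softhsm`, and the rule that clear-text secret files must not be readable by group or other are assumptions of this example.

```shell
#!/bin/sh
# Added example: pre-flight check of a CA container input directory.
# File names are taken from the page; mode names, function name and the
# permission rule are assumptions made for this example.

COMMON_FILES="upin sopin ca.cert"
TPM_FILES="srkhandle password.txt.gpg password dupEncKey dupPriv dupPub dupSymseed"
SOFTHSM_FILES="privkey-passphrase privkey.pem.gpg"
# Assumed to hold clear-text secrets (the *.gpg files are already encrypted).
CLEARTEXT_SECRETS="upin sopin password privkey-passphrase"

# check_ca_inputs <host_dir> <tpm|softhsm>
# Prints one line per problem; returns 0 only when nothing is reported.
check_ca_inputs() {
    dir=$1; mode=$2; rc=0
    case $mode in
        tpm)     files="$COMMON_FILES $TPM_FILES" ;;
        softhsm) files="$COMMON_FILES $SOFTHSM_FILES" ;;
        *)       echo "unknown mode: $mode"; return 2 ;;
    esac
    [ -d "$dir" ] || { echo "missing directory: $dir"; return 1; }
    for f in $files; do
        if [ ! -e "$dir/$f" ]; then
            echo "missing: $f"; rc=1
        elif [ ! -s "$dir/$f" ]; then
            echo "empty: $f"; rc=1
        else
            case " $CLEARTEXT_SECRETS " in
                *" $f "*)
                    # Flag secrets whose mode grants read to group or other.
                    if [ -n "$(find "$dir/$f" -prune \( -perm -040 -o -perm -004 \) -print)" ]; then
                        echo "too permissive: $f"; rc=1
                    fi ;;
            esac
        fi
    done
    return $rc
}
```

Source the file and call, for example, `check_ca_inputs ~/volume/host_<host name> tpm` before starting the CA container.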