pkcs11helper

module

v0.3.5 Latest Latest Go to latest Published: Mar 27, 2021 License: MPL-2.0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Go PKCS#11 helper module for certificate signing using HSMs.

The Setup instructions help get an HSM up and running with a usable signed Intermediate CA.

SoftHSM2, Thales SafeNet DPoD and Entrust nShield HSMs are currently documented, though any PKCS#11 compliant HSM should work.

The casigner11 command line client is work in progress, as is this documentation.

Once the signed Intermediate issuing CA cert has been produced, use TestCASigner to try out the HSM signer.

Check TESTING for more instructions.

A Vault plugin is also available which uses this pkcs11helper module to add support for HSM backed PKI.

HSM PKI for Vault was sponsored by BT UK and developed by mode51 Software under the Mozilla Public License v2.

Path	Synopsis
cmd
casigner11
internal
app
pkg
pkcs11client Helpers for PKCS#11 including instructions for configuring: - SoftHSM - Thales SafeNet DPoD - Entrust nShield	Helpers for PKCS#11 including instructions for configuring: - SoftHSM - Thales SafeNet DPoD - Entrust nShield