Archives
/
smallstep-certificates
mirror of https://github.com/smallstep/certificates
2
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Add note about PKCS#11

Browse Source
pull/458/head
Carl Tashian 3 years ago
parent 9fd0964e1c
commit 73fc350b84
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File

3
systemd/step-ca.service
Unescape Escape View File

@ -30,7 +30,8 @@ SecureBits=keep-caps
NoNewPrivileges=yes
; Sandboxing
; This works with YubiKey PIV (via pcscd), and presumably with YubiHSM2 via http connector
; This sandboxing works with YubiKey PIV (via pcscd HTTP API), but it is likely
; too restrictive for PKCS#11 HSMs.
ProtectSystem=full
ProtectHome=true
RestrictNamespaces=true

Write Preview
Loading…
Cancel
Save