Skip to content

Installing KRA with Random Serial Numbers v3

Jump to bottom
Endi S. Dewata edited this page Feb 11, 2022 · 8 revisions

Overview (Under Construction)

This page describes the process to install a KRA subsystem with random serial numbers.

Installation Procedure

To install KRA with random serial numbers, follow the normal KRA installation procedure, then specify the following parameter:

To use random key IDs, add the following parameters in the [KRA] section:

pki_key_id_generator=random

The key ID length (in bits) can be specified in pki_key_id_length parameter. The default is 160 bits.

To use random key request IDs, add the following parameters in the [KRA] section:

pki_request_id_generator=random

The key request ID length (in bits) can be specified in pki_key_request_id_length parameter. The default is 160 bits.

Verification

The keys will have random IDs, for example:

$ pki -n admin kra-key-find

The key requests will also have random IDs, for example:

$ pki -n admin kra-key-request-find
Tip
 To find a page in the Wiki, enter the keywords in search field, press Enter, then click Wikis.
Clone this wiki locally