Re: Using softHSM with orderer/peer #hsm


Tsvetan Georgiev
 

Hi Shantanu,


In few words when configured to use HSM the Fabric CA client enroll command will use the HSM to generate and store the private key (the PK will not be stored on the file system as it will be inside the HSM)

Hope that helps.

Senofi

Tsvetan Georgiev
Director, Senofi Inc.

438-494-7854 | tsvetan@...

www.senofi.ca

www.consortia.io







---- On Thu, 08 Apr 2021 18:57:43 -0400 <km.shantanu@...> wrote ----

Hello Team,

I am trying to set up a network with 3 orderers 2 peers and one CA with HSM support(softHSM). I have successfully set up CA with softHSM and can register and enroll with this.

I am trying to understand if how can I set up an orderer/peer to communicate with CA to get a private key and put that in soft-HSM? For example, if I run the fabric-client enroll command it stores the private key on the disk which kind of defeats the purpose of soft-HSM. Can someone please help clarify my understanding here and provide some guidance?

Thanks
Shantanu





Join fabric@lists.hyperledger.org to automatically receive all group messages.