.png){kind=logo}
SoftHSM2 integration in Kubernetes
ENTERPRISE
Please add this to values.yaml file in ejbca or signserver section.
For a full example with EJBCA please see Deploy EJBCA as CA with automation with SoftHSM2.
YAML
#ejbca:
#signserver:
# Extra init containers to be added to the deployment
initContainers:
- name: hsm-driver-init
image: registry.primekey.com/primekey/hsm-driver-softhsm:1.0.9
command:
["sh", "-c", "cp --preserve --recursive /opt/keyfactor/p11proxy-client/* /mnt/driver/"]
volumeMounts:
- name: p11proxy-client
mountPath: /mnt/driver/
#- name: tokens
# mountPath: /mnt/tokens
# Extra sidecar containers to be added to the deployment
sidecarContainers:
- name: hsm
image: registry.primekey.com/primekey/hsm-driver-softhsm:1.0.9
imagePullPolicy: IfNotPresent
env:
- name: SOFTHSM2_LOG_LEVEL
value: INFO
#volumeMounts:
# - name: tokens
# mountPath: /mnt/tokens
# Extra volumes to be added to the deployment
volumes:
- name: p11proxy-client
emptyDir: {}
#- name: tokens
# persistentVolumeClaim:
# claimName: softhsm-pvc
# Extra volume mounts to be added to the deployment
volumeMounts:
- name: p11proxy-client
mountPath: /opt/keyfactor/p11proxy-client