Skip to main content
Skip table of contents

SignServer SoftHSM2 integration in Kubernetes

ENTERPRISE

Add the following configuration to the signserver section in the values.yaml file.

YAML
signserver:
  # Extra init containers to be added to the deployment
  initContainers:
    - name: hsm-driver-init
      image: registry.primekey.com/primekey/hsm-driver-softhsm:2.6.1
      command:
        [
          "sh",
          "-c",
          "cp --preserve --recursive /opt/keyfactor/p11proxy-client/* /mnt/",
        ]
      volumeMounts:
        - name: p11proxy-client
          mountPath: /mnt
  # Extra sidecar containers to be added to the deployment
  sidecarContainers:
    - name: hsm
      image: registry.primekey.com/primekey/hsm-driver-softhsm:2.6.1
      imagePullPolicy: IfNotPresent
      env:
        - name: SOFTHSM2_LOG_LEVEL
          value: INFO
      volumeMounts:
        - name: tokens
          mountPath: /var/lib/softhsm/tokens
  # Extra volumes to be added to the deployment
  volumes:
    - name: p11proxy-client
      emptyDir: {}
    - name: tokens
      persistentVolumeClaim:
        claimName: softhsm-signserver-pvc
  # Extra volume mounts to be added to the deployment
  volumeMounts:
    - name: p11proxy-client
      mountPath: /opt/keyfactor/p11proxy-client
JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.