SignServer SoftHSM2 integration in Kubernetes
ENTERPRISE
Add the following configuration to the signserver
section in the values.yaml
file.
signserver:
# Extra init containers to be added to the deployment
initContainers:
- name: hsm-driver-init
image: registry.primekey.com/primekey/hsm-driver-softhsm:2.6.1
command:
[
"sh",
"-c",
"cp --preserve --recursive /opt/keyfactor/p11proxy-client/* /mnt/",
]
volumeMounts:
- name: p11proxy-client
mountPath: /mnt
# Extra sidecar containers to be added to the deployment
sidecarContainers:
- name: hsm
image: registry.primekey.com/primekey/hsm-driver-softhsm:2.6.1
imagePullPolicy: IfNotPresent
env:
- name: SOFTHSM2_LOG_LEVEL
value: INFO
volumeMounts:
- name: tokens
mountPath: /var/lib/softhsm/tokens
# Extra volumes to be added to the deployment
volumes:
- name: p11proxy-client
emptyDir: {}
- name: tokens
persistentVolumeClaim:
claimName: softhsm-signserver-pvc
# Extra volume mounts to be added to the deployment
volumeMounts:
- name: p11proxy-client
mountPath: /opt/keyfactor/p11proxy-client