Menu
▾
▴
Re: [Ejbca-develop] Private key Generation
|
From: Tomas G. <to...@pr...> - 2016-04-26 10:33:43
|
Hi, If you use an HSM CA key generation is performed in the HSM. As for other randomness you can search for Java Random or SecureRandom. Java random is good, and in general uses the OS random source where needed. Regards, Tomas On 2016-04-25 17:49, Florent Le Saout wrote: > Hi, > > I'm looking for the method used by EJBCA to generate the private keys in > general (CA, Sub-Ca, certificates...). > > _So I have multiple questions, which at the end are all related to the > same thing:_ > > * Is the generation process all done in EJBCA application ? > * Or do they rely on Java EE-based application server random number > generation (in my case Jboss) ? > * Is there a link somewhere with the locally implemented random number > generation, so for instance on Linux /dev/random ? > * What is the level of entropy, and is there some guaranty about a > minimum value, and could we improve it by taking some action while > it's generating a key ? > > > I looked in the documentation and didn't find any informations about > that, but maybe I missed it. > > Thanks for your help, > Florent. > > > > ------------------------------------------------------------------------------ > Find and fix application performance issues faster with Applications Manager > Applications Manager provides deep performance insights into multiple tiers of > your business applications. It resolves application problems quickly and > reduces your MTTR. Get your free trial! > https://ad.doubleclick.net/ddm/clk/302982198;130105516;z > > > > _______________________________________________ > Ejbca-develop mailing list > Ejb...@li... > https://lists.sourceforge.net/lists/listinfo/ejbca-develop > |
