Menu
▾
▴
Re: [Ejbca-develop] Implementation NofM
|
From: Carlos R. <cm...@eu...> - 2017-01-05 17:47:18
|
Hello, I don't have HSM device, there no another way to do that? Regards, Carlos Rodrigues On Thu, 2017-01-05 at 15:05 -0200, Soluti Quintiliano wrote: > HI, > > > > > > Out of the box, the easy option is to limit access to EJBCA CA interface through user permissions. You can then storage the AC Admin (Superadmin) certificate inside an HSM and ensure the access to this specific key with MofN. You ll also need to isolate the access to EJBCA's shell server... > > Att. > > > > Proteja o endereço de email de seus contatos como estou protegendo o seu. > Ao enviar mensagens para mais de um endereço use SEMPRE o > > "Cco" (cópia oculta) ou "Bcc" (Blind carbon copy). > > > Esta mensagem é enviada exclusivamente a seu destinatário e pode conter informações > > > confidenciais, protegidas por sigilo profissional. Sua utilização desautorizada é ilegal e sujeita > > o infrator às penas da lei. Se você a recebeu indevidamente, queira, por gentileza, reenvia-la > ao emitente, esclarecendo o equívoco. > > > > This message is directed exclusively to its addressee and may contain confidential data, > > protected under professional secrecy rules. Its unauthorized use is illegal and may subject > > the transgressor to the law's penalties. If you're not the addressee, please send it back, > > elucidating the failure. > > > > > > > > > > 2017-01-05 14:31 GMT-02:00 Carlos Rodrigues <cm...@eu...>: > > Hello, > > > > > > I would like to know how to configure EJBCA to requires more than one person to active Certification Authority and prevent to change the CA settings? > > > > Any one could help me? > > > > Regards, > > Carlos Rodrigues > > > > On Wed, 2016-12-28 at 14:16 +0000, Carlos Rodrigues wrote: > > > > > > > Hello, > > > > > > I need to create one Certification Authority that needs more than one person to open CA to do any CA operation. > > > This should be including change CA to set approval settings. > > > > > > > > > > > > Regards, > > > > > > -- > > > Carlos Rodrigues > > > > > > Engenheiro de Software Sénior > > > > > > Eurotux Informática, S.A. | www.eurotux.com > > > (t) +351 253 680 300 (m) +351 911 926 110 > > > > > > > > > > > > > > > > > > --------------------------------------------------------------- --------------- > > > Check out the vibrant tech community on one of the world's most > > > > > > engaging tech sites, SlashDot.org! http://sdm.link/slashdot______ _________________________________________ > > > Ejbca-develop mailing list > > > Ejb...@li... > > > https://lists.sourceforge.net/lists/listinfo/ejbca-develop > > -- > > Carlos Rodrigues > > > > Engenheiro de Software Sénior > > > > Eurotux Informática, S.A. | www.eurotux.com > > (t) +351 253 680 300 (m) +351 911 926 110 > > > > > > > > > > > > ----------------------------------------------------------------- ------------- > > > > Check out the vibrant tech community on one of the world's most > > > > engaging tech sites, SlashDot.org! http://sdm.link/slashdot > > _______________________________________________ > > > > Ejbca-develop mailing list > > > > Ejb...@li... > > > > https://lists.sourceforge.net/lists/listinfo/ejbca-develop > > > > > > > -- Carlos Rodrigues Engenheiro de Software Sénior Eurotux Informática, S.A. | www.eurotux.com (t) +351 253 680 300 (m) +351 911 926 110 |
