opencryptoki-users Mailing List for openCryptoki

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 422-6466

Yes ... but please, I don't know if locking works with volumes assigned to containers.
So this works fine as long as the applications use it in a read-only fashion, but
I am not sure if this also works when one of these containers does an update in the ock
key store. Please be aware - this is not special to opencrpytoki - every 'statefull'
container like database instances has this very same problem within a cluster. Maybe
you read more about this in the kubernetes docu for statefull sets.

On 09.02.21 18:46, Alan King wrote:
> Thank you.  So just to be sure - I can mount a shared filesystem on /var/lib/opencryptoki and the token key objects will be available to all containers sharing that filesystem.  Is that correct?
>  
> Alan
>  
>
>
> Alan King
> Financial Sciences
> IBM Research
>  
>  
>
>     ----- Original message -----
>     From: "Harald Freudenberger" <fr...@li...>
>     To: Alan King/Watson/IBM@IBM, ope...@li...
>     Cc:
>     Subject: Re: [EXTERNAL] [opencryptoki-users] Using Opencryptoki in a docker container - serializing keys for stop (or crash!) and restart / restore
>     Date: Tue, Feb 9, 2021 9:36 AM
>      
>     Hello Alan
>
>     hm, what do you mean with "recover keys" ?
>
>     I assume you are referring to some kind of token key objects.
>     Opencryptoki has it's memory about keys in /var/lib/opencryptoki.
>     So you can for example customize your docker image with a prepared
>     /var/lib/opencryptoki and all ock objects stored in there are available
>     in your container instances.
>
>     On 09.02.21 15:08, Alan King wrote:
>     > Hi all - a newbie here (who probably should read manuals more thoroughly).
>     >  
>     > We are deploying a Cloud service that will use a Softhsm - just for development purposes.
>     >  
>     > The question is whether there is a way to recover keys from storage.  I see a migrate executable.
>     > Is that the way to do it?
>     >  
>     > Thanks
>     > Alan
>     >  
>     >  
>     >
>     >
>     > Alan King
>     > Financial Sciences
>     > IBM Research
>     >
>     >
>     >
>     > _______________________________________________
>     > opencryptoki-users mailing list
>     > ope...@li...
>     > https://lists.sourceforge.net/lists/listinfo/opencryptoki-users 
>
>  
>

2005	Jan	Feb	Mar	Apr (3)	May	Jun (8)	Jul (5)	Aug (5)	Sep (2)	Oct	Nov (3)	Dec
2006	Jan (7)	Feb (5)	Mar	Apr	May	Jun (2)	Jul (7)	Aug	Sep	Oct	Nov (8)	Dec (3)
2007	Jan (14)	Feb	Mar	Apr (14)	May	Jun	Jul	Aug	Sep	Oct (2)	Nov (10)	Dec (6)
2008	Jan (2)	Feb	Mar (5)	Apr (6)	May (3)	Jun (6)	Jul (10)	Aug (4)	Sep (17)	Oct (13)	Nov (43)	Dec (72)
2009	Jan (4)	Feb	Mar	Apr	May	Jun	Jul	Aug (9)	Sep (5)	Oct (2)	Nov	Dec
2010	Jan	Feb	Mar	Apr	May (1)	Jun	Jul (23)	Aug	Sep	Oct	Nov (9)	Dec
2011	Jan (2)	Feb	Mar	Apr	May (1)	Jun	Jul	Aug	Sep	Oct	Nov	Dec
2012	Jan	Feb (15)	Mar	Apr (1)	May (6)	Jun (5)	Jul	Aug (2)	Sep (6)	Oct	Nov (1)	Dec
2013	Jan	Feb	Mar	Apr	May	Jun	Jul	Aug (6)	Sep	Oct	Nov	Dec
2016	Jan (1)	Feb	Mar (1)	Apr	May (5)	Jun (1)	Jul	Aug	Sep (4)	Oct (2)	Nov	Dec
2017	Jan	Feb	Mar (2)	Apr (1)	May (2)	Jun (1)	Jul	Aug	Sep (1)	Oct (2)	Nov (1)	Dec
2018	Jan	Feb (1)	Mar	Apr	May	Jun (2)	Jul	Aug	Sep	Oct	Nov (1)	Dec
2019	Jan (1)	Feb	Mar	Apr	May	Jun	Jul	Aug	Sep	Oct	Nov	Dec
2021	Jan	Feb (4)	Mar	Apr	May	Jun	Jul	Aug	Sep	Oct	Nov	Dec

opencryptoki-users Mailing List for openCryptoki

opencryptoki-users — Discuss usage of the PKCS#11 API and App development