Imported Trust Authorities

Started by ole, June 11, 2020, 09:01:49 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
June 11, 2020, 09:01:49 PM
Hi,

can I use (or even is it supported) an external Security token like the Nitrokey Start with PGP keys with the Trust/Authorities? I would assume I have to use 'Import an exsisting Certificate Authority' but the question rise how to enter the pass phrase for the private key than. The Nitro Key must be probably placed on the OPNsense box I would assume.

Thanks in advance
June 12, 2020, 08:29:54 AM #1
Hi ole,

PGP keys have nothing to do with TLS/SSL certificate chains, i.e. intermediate and root certificates provided under "trust authorities".


Cheers,
Franco
June 12, 2020, 06:15:24 PM #2
thanks for your answer. Probably my question was missleading. I did consider using something described here: https://raymii.org/s/articles/Get_Started_With_The_Nitrokey_HSM.html or https://raymii.org/s/articles/Nitrokey_Start_Getting_started_guide.html, using the smartcard capability of Nitrokey (Start) - not the PGP signing one. There is a Certificate/Signing private key on this 2nd factor. I fear, the private Key(s) can be hacked e.g. if something is misconfigured on OPNsense by me once a day.
Print
Go Up Pages1
User actions