|Applies To||RSA Certificate Manager 6.8|
RSA Certificate Manager (RCM)
Sun Solaris 2.8
SafeNet Luna SA 4.3.2
SafeNet Luna SA
Hardware Security Module (HSM)
|Issue||Is SHA-256 supported on RSA_CM with a HSM via P11?|
RCM will not allow me to create a CA with SHA-256 in RSA for the SafeNet device.
With RSA Certificate Manager 6.8 build 514 and RSA Certificate Manager API can create keys on tokens. Luna CA3 supports key generation for varying key lengths in RSA and DSA key pairs.
RSA: 1024 bits, 2048 bits, 4096 bits
DSA: 512 bits, 1024 bits, 2048 bits
This is been added with with latest RCM Hot Fix, and it shows this in README:
Prior to build 517, the SHA-2 algorithms using PKCS #11 device was not supported. Even if the PKCS #11 device supported the SHA-2 algorithms, these algorithms were not listed while creating the CA using Certificate Manager. As a result, Certificate Manager was unable to use the SHA-2 algorithms while creating the CA keys using PKCS #11 devices.
In RSA Certificate Manager 6.8 build517, this issue is fixed. Certificate Manager can now create the CA with SHA-256, SHA-384, or SHA-512 hash algorithms while using PKCS #11 devices.
|Legacy Article ID||a50298|