Mod_tsa (from the OpenTSA project) is Apache HTTP server module providing Time Stamping Authority (TSA) server functionality, according to RFC3161.
We provide a modified version of mod_tsa, which extends the crypto device engine usage functionality. It is able to use a key stored in a HSM defined by its name, instead of a filename.
TSAKey filename
TSAKey keyname [keyformat]
Accepted keyformat values: PEM
(default) | DER
| engine
keyname is key filename for PEM
/DER
formats, or key name (alias) for the engine
format
Download mod_tsa, unpack it; download the patch and apply:
cd mod_tsa zcat ../mod_tsa-20060923-enginekey-20131812.patch.gz | patch -p1
Then follow the original mod_tsa installation manual.
mod_tsa-20060923-enginekey-20131812.patch.gz (sha1sum: 4fdb834e2b8ae591541d0c4089df4882e60932dc
)
mod_tsa-20060923.tgz [opentsa.org, archive.org, local copy]