Mod_tsa enginekey

Mod_tsa (from the OpenTSA project) is Apache HTTP server module providing Time Stamping Authority (TSA) server functionality, according to RFC3161.

We provide a modified version of mod_tsa, which extends the crypto device engine usage functionality. It is able to use a key stored in a HSM defined by its name, instead of a filename.

TSAKey directive

?? Original syntax :: TSAKey //filename// !!
?? New syntax :: TSAKey //keyname// [//keyformat//] !!

Accepted keyformat values: PEM (default) | DER | engine

keyname is key filename for PEM/DER formats, or key name (alias) for the engine format

Download mod_tsa, unpack it; download the patch and apply:

cd mod_tsa
zcat ../mod_tsa-20060923-enginekey-20131812.patch.gz | patch -p1

Then follow the original mod_tsa installation manual.

mod_tsa-20060923-enginekey-20131812.patch.gz (sha1sum: 4fdb834e2b8ae591541d0c4089df4882e60932dc)

mod_tsa-20060923.tgz [opentsa.org, archive.org, local copy]