Mod_tsa enginekey

Mod_tsa (from the OpenTSA project) is Apache HTTP server module providing Time Stamping Authority (TSA) server functionality, according to RFC3161.

We provide a modified version of mod_tsa, which extends the crypto device engine usage functionality. It is able to use a key stored in a HSM defined by its name, instead of a filename.


TSAKey directive

Original syntax

TSAKey filename

New syntax

TSAKey keyname [keyformat]

Accepted keyformat values: PEM (default) | DER | engine

keyname is key filename for PEM/DER formats, or key name (alias) for the engine format


Download mod_tsa, unpack it; download the patch and apply:

cd mod_tsa
zcat ../mod_tsa-20060923-enginekey-20131812.patch.gz | patch -p1

Then follow the original mod_tsa installation manual.


mod_tsa-20060923-enginekey-20131812.patch.gz (sha1sum: 4fdb834e2b8ae591541d0c4089df4882e60932dc)

original mod_tsa

mod_tsa-20060923.tgz [opentsa.org, archive.org, local copy]

Poslední úprava: 2013/12/18 17:45