Importing the Private Key Into the HSM

The private key that Apache Web Server uses for HTTPS can be moved into the HSM with pkcs11-tool. This tool is installed with the opensc package.

$ sudo apt install opensc

$ sudo pkcs11-tool --module /usr/lib/libcs_pkcs11_R3.so -l --pin 1234 --write-object prv_key.key --type privkey --id 313233 --label my_label

prv_key.key is the private key that the Apache server uses for its HTTPS cryptographic operations. Its path is the value of the SSLCertificateKeyFile setting in the Apache configuration file. On Ubuntu this file is /etc/apache2/sites-available/default-ssl.conf. On Red Hat it is /etc/httpd/conf.d/ssl.conf.

The ID must be given in hexadecimal: the ID in the previous example (313233) is the ASCII encoding of the character sequence 123.
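The following added example (not part of the original page or of the vendor's tooling) derives the hexadecimal --id from an ASCII string, reads the key path from the SSLCertificateKeyFile directive, and assembles the import command. The function names and the sample configuration are constructed for illustration, and the generated command omits --pin so that pkcs11-tool prompts for it, which keeps the PIN out of the shell history and the process list.

```shell
#!/bin/sh
# Added example: helper names and the sample configuration are constructed.

# Hex-encode an ASCII identifier for pkcs11-tool --id (123 -> 313233).
ascii_to_hex_id() {
    printf '%s' "$1" | od -An -v -tx1 | tr -d ' \n'
}

# --id must be a non-empty, even-length string of hex digits.
is_valid_hex_id() {
    case "$1" in
        ''|*[!0-9A-Fa-f]*) return 1 ;;
    esac
    [ $(( ${#1} % 2 )) -eq 0 ]
}

# Read Apache configuration on stdin and print the first active
# SSLCertificateKeyFile value (commented-out lines are skipped; assumes the
# path contains no spaces).
key_file_from_conf() {
    awk 'tolower($1) == "sslcertificatekeyfile" { gsub(/"/, "", $2); print $2; exit }'
}

# Build the import command from the page. --pin is left out so that
# pkcs11-tool prompts for the PIN.
build_import_cmd() {
    module=$1; key=$2; id=$3; label=$4
    is_valid_hex_id "$id" || return 1
    printf 'pkcs11-tool --module %s -l --write-object %s --type privkey --id %s --label %s\n' \
        "$module" "$key" "$id" "$label"
}

# Constructed sample of an Apache SSL virtual host.
SAMPLE_CONF='<VirtualHost _default_:443>
    SSLEngine on
    # SSLCertificateKeyFile /etc/ssl/private/old.key
    SSLCertificateFile /etc/ssl/certs/example.pem
    SSLCertificateKeyFile /etc/ssl/private/prv_key.key
</VirtualHost>'

key_path=$(printf '%s\n' "$SAMPLE_CONF" | key_file_from_conf)
hex_id=$(ascii_to_hex_id 123)
build_import_cmd /usr/lib/libcs_pkcs11_R3.so "$key_path" "$hex_id" my_label
```

After the import, running pkcs11-tool with the same --module and -l plus --list-objects --type privkey shows whether the key object is present with the expected ID and label.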

Another, more secure method of importing the private key is described in the section "Importing the Private Key Inside the HSM". That method requires the cs_pkcs11.so engine to be installed.