Hi Sherif,
take a look here:
http://privacyidea.readthedocs.org/en/latest/installation/system/securitymodule.html?highlight=securitymodule
To encrypt the enckey, you can use the script
pi-manage encrypt_enckey <filename>
This will not overwrite the file. The encrypted data will be written to
stdout. You can either pipe these or paste it.
You may also want to make a backup of the encryption key, anyway!
When you restart the apache it will start quite normal.
But at certain points, when data needs to be encrypted or decrypted you
will get the error:
ERR707: hsm not ready!
You can also check this at the command line after (re)-starting the
apache:
# privacyidea -U
https://localhost/pi --admin=super --nosslcheck \
securitymodule
Please enter password for 'super':
This is the configuration of your active Security module:
{ u'status': True, u'value': { u'is_ready': False}}
"is_ready": False shows you, that the encryption key is not ready to be
used.
So you need to run:
# privacyidea -U
https://localhost/pi --admin=super --nosslcheck \
securitymodule --module=default
Please enter password for 'super':
Please enter password for security module 'default':
Setting the password of your security module default
{ u'status': True, u'value': { u'is_ready': True}}
Now, "is_ready": True shows you, that the encryption key can be used by
privacyIDEA...
Take care and do backups ;-)
I do not know, who uses it productively at the moment.
Kind regards
Cornelius
> --
> You received this message because you are subscribed to the Google
> Groups "privacyidea" group.
> To unsubscribe from this group and stop receiving emails from it, send
> an email to
privacyidea...@googlegroups.com.
> To post to this group, send email to
priva...@googlegroups.com.
> To view this discussion on the web visit
>
https://groups.google.com/d/msgid/privacyidea/d4e7e11b-0b96-476e-a36c-b7189cc6e339%40googlegroups.com.
> For more options, visit
https://groups.google.com/d/optout.
--
Cornelius Kölbel
corneliu...@netknights.it
+49 151 2960 1417
NetKnights GmbH
http://www.netknights.it
Landgraf-Karl-Str. 19, 34131 Kassel, Germany
Tel:
+49 561 3166797, Fax:
+49 561 3166798
Amtsgericht Kassel, HRB 16405
Geschäftsführer: Cornelius Kölbel