Zachary N. comments

Results 4 comments of


                                            Zachary N.

osslsigncode AWS CloudHSM PKCS#11 Support

Example working parameters: ``` ./osslsigncode sign -pkcs11engine /var/task/pkcs11.so -pkcs11module /var/task/libcloudhsm_pkcs11.so -certs CLOUDHSM_CODE_CERT_FILE -key pkcs11:token=hsm1;object=CLOUDHSM_PKCS_KEY_LABEL -readpass CLOUDHSM_CREDS_FILE -ts http://timestamp.digicert.com -i https://www.example.com/ -n Named -h sha256 -in file -out outfile ``` libcloudhsm_pkcs11.so...

osslsigncode AWS CloudHSM PKCS#11 Support

The `Unable to enumerate private keys` may be the login issue. It's CloudHSM's generic error for "we didn't get back data we wanted" I believe. Seems like libp11 was refactored...

osslsigncode AWS CloudHSM PKCS#11 Support

Ah yeah, that commit (#389) is newer than when I was troubleshooting this process. Good to know.

fix(services/s3): environment/config role_arn ignored #4178

Current behavior of AWS_ROLE_ARN envar for AWS CLI does currently only support WebIdentityToken roles (https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-envvars.html skip to AWS_ROLE_ARN) However role_arn from a config file does support normal assumable roles, so...