Remote access of softhsm

[AkashMaharana]

Hi Rodrigo

I am currently implementing a business use case with Softhsmv2. So in the first phase of development I was able to interact with the softhsm by using PKCS11 library in JAVA. But later I got the requirement like I need to host the softhsm in a different machine or VM and client application needs to interact remotely to get the certificates.

So in my initial search I got to know about pkcs11-proxy library. Then I followed few of the stackover flow hints and and your github channels. Those links are given below.
https://stackoverflow.com/questions/56756141/expose-softhsm-library-to-the-code-running-in-host-machine
https://github.com/rbroggi/softhsm-daemon

In the above examples both softshm and client application present in the same machine. Can you please let me know is there anyway to connect a remote softhsm using PKCS11 interface in JAVA where I can define the IP of the remote machine to which it should connect?

Thanks

[rbroggi]

Hey @AkashMaharana , as the server and client are two different containers the solution in this repo is of course extendable to two different servers. You can see here how I define the PKCS11_PROXY_SOCKET using the hsm hostname (which is the name of the container).

Everything should follow easily on your side.

[rbroggi]

If I find some time I can try to produce a docker-compose file making some of the things above easier to understand.

[EdwardNgo]

Just got here in your discussion, I don't know how to interact with this kind in java, I try to use libpkcs11-proxy.so in config file but it does not work