- 最新
- 投票最多
- 评论最多
Hello,
The issue you are facing is captured in the guidelines provided the in the CloudHSM documentation for "Migrating from Client SDK 3 to Client SDK 5". See these guidelines at link [1].
In Client SDK5, key handles for the same key change with each session. In other words, the key handle is not static as is the case in Client SDK3.
To successfully use key handles in Client SDK 5, you must obtain key handles each time you run an application. If you have existing applications that expect to use the same key handles across different runs, you must modify your code to obtain the key handle each time you run the application. This change is in compliance with the PKCS #11 2.40 specification [2].
Alternatively, you can assign unique key labels to your keys in the cluster and then consume these keys by their label when using client SDK 5.
References:
[1] https://docs.aws.amazon.com/cloudhsm/latest/userguide/migrate-sdk.html [2] https://docs.oasis-open.org/pkcs11/pkcs11-base/v2.40/os/pkcs11-base-v2.40-os.html#_Toc416959689
相关内容
AWS 官方已更新 4 个月前- AWS 官方已更新 3 年前
- AWS 官方已更新 4 个月前
Thank you very much, Teneng T, we will have to change our integration.