Comment: 24.R1 - updated use cases and other information across the article.

Remember to update the release version number before publishing externally.

Info
This article includes updates for Smart ID Identity Manager 24.R1.

...

Configuration attribute	Value	Comments
`asymCipher`	RSA/ECB/OAEPWithSHA-384AndMGF1Padding	Must be declared so the iD2 provider accepts it: "None" is not supported as cipher mode but , "ECB" is compatible in this scenario and can be used instead In OAEP padding, all SHA-x hashes must be given with a dash in the name
`<keys>` section:
`type name`	HSM	Must be "HSM" for keys stored in the HSM.
`locationValue`	Either the absolute path of the HSM's P11 DLL/.so (without extension) OR the DLL/.so's filename without extension
`pin`	The user PIN of the HSM.	The `pin.encrypted` attribute is also supported to scramble the PIN. For docker deployments it is required to scramble the PINs before starting the Identity Manager Admin and Identity Manager Operator containers (stop them by invoking `docker compose down` from within docker/compose/identitymanager/admin and docker/compose/identitymanager/operator, if already running). This is done by first replacing each `pin="thePlainTextPin"` with `pin.encrypted="thePlainTextPin"` and then invoking the following command from within the docker/compose/identitymanager/bootstrap folder: `docker compose run --rm scramble_sign_encrypt_config`
`alias`	The alias of the respective key.	In the HSM, the keypair and the certificate must be stored within the same label/alias.
`slot`	Optional if your keys are stored in HSM slot 0.	The first slot is not guaranteed to be 0. Slot numbering may differ, depending on the HSM.

...

Additional information

Expand

title	Useful links

Versions Compared