petkivim
commented
6 years ago If the problem still persists, please open a new issue in the X-Road Development repository.
Regards, Petteri
Closed lauri-aloauri closed 6 years ago
petkivim
commented
6 years ago If the problem still persists, please open a new issue in the X-Road Development repository.
Regards, Petteri
Problem In the x-road v6 production environment server , we attempted to switch from Utimaco Se 50 Gen1 to Utimaco Se500 Gen2. We restored Utimaco Se50 Gen keys to the Utimaco Se500 Gen2. Restoring the keys was successful. Problem is that all the restored signer keys statuses unavailable (signer-console) and x-road v6 production server cant use them. We communicated our problem with RIA and they told us that these keys must be in available state and only then the x-road v6 security server is capable using them. They told us there is probably compatiblity issue because the Utimaco Se500 Gen2 uses PSS signing mechanism. Are the old keys is are compatible with new PSS signing mechanism. RIA told use to make contact with Utimaco local vendor how to transfer old signing key to PSS mechanism. Utimacio vendor told us that problem is entirely in x-road v6 software side. We communicated this answer to RIA (help@ria.ee). After that RIA help answered us following: "We have no definite answers. There is no Ria experience. As I understood, the Utimaco vendor is not looking for solutions in this regard. One option is to bring you together with Cyber X-Road developers and try to find possible solutions to them."
AS Andmevara does not have any exprience and definitly no answers how solve this problem. We think that x-road community has more experience helping RIA solving this problem. It also cost problem for because we have lot keys in Utimaco se50 Gen 1 and sertificates etc. Our point of view is that RIA must find the way to solve this problem