Skip to content

allow clients to provide the PKCS11 pin to the tedge-p11-server when interacting in the socket mode #3716

Closed
Feature
#3809
Closed
allow clients to provide the PKCS11 pin to the tedge-p11-server when interacting in the socket mode#3716
Feature
#3809
Labels
ideaideas/opportunities/feature requests which need to be further investigated before implementationtheme:hsmHardware Security Module related topics
Milestone
1.7.0
@reubenmiller

Description

@reubenmiller
reubenmiller
opened on Jun 30, 2025

Is your feature request related to a problem? Please describe.

It can be difficult for users to configure the PKCS11 pin to be used by the tedge-p11-server when the customer's applications (including tedge) are running within a container, and don't have access to the tedge-p11-server process or its configuration file.

Describe the solution you'd like

Allow clients to specify the PKCS11 pin to be used for interactions with the tedge-p11-server. Since the tedge-mapper already supports providing the key_uri to tedge-p11-server, allowing the client to also specify the required PIN would all the variable tedge-p11-server configuration to be controlled by the client (all by the PKCS11 module_path, however this is a static value which can be hardcoded when installing tedge-p11-server).

Describe alternatives you've considered

Additional context

Metadata

Metadata

Assignees

No one assigned

    Labels

    ideaideas/opportunities/feature requests which need to be further investigated before implementationtheme:hsmHardware Security Module related topics

    Type

    Feature

    Projects

    No projects

    Milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions