使用 AWS CloudHSM 服务在 Windows Server 上生成 CSR 时,我收到以下错误:
certreq.exe -new my-request.inf my-request.csr
Certificate Request Processor: Provider type not defined. 0x80090017 (-2146893801 NTE_PROV_TYPE_NOT_DEF)
怎么了 ?
使用 AWS CloudHSM 服务在 Windows Server 上生成 CSR 时,我收到以下错误:
certreq.exe -new my-request.inf my-request.csr
Certificate Request Processor: Provider type not defined. 0x80090017 (-2146893801 NTE_PROV_TYPE_NOT_DEF)
怎么了 ?
此错误消息通常表明您以 CU 用户身份连接到 CloudHSM 集群的凭据不正确:
此外,如果遇到以下错误,这通常意味着您尚未设置 CloudHSM 凭据(见下文)
n3fips_password env variable not set>
Cfm2Shutdown: Application is not initialized
& "C:\Program Files\Amazon\CloudHSM\tools\set_cloudhsm_credentials.exe" --username test_cu_user --password xxx
# Securely input the username and password:
${hsm_creds_user} = Read-Host -AsSecureString "hsm_creds_user"
${hsm_creds_password} = Read-Host -AsSecureString "hsm_creds_password"
# Convert from SecureString to String
$hsm_cu_user = [System.Runtime.InteropServices.Marshal]::PtrToStringAuto([System.Runtime.InteropServices.Marshal]::SecureStringToBSTR($hsm_creds_user))
$hsm_cu_pwd = [System.Runtime.InteropServices.Marshal]::PtrToStringAuto([System.Runtime.InteropServices.Marshal]::SecureStringToBSTR($hsm_creds_password))
#
& "C:\Program Files\Amazon\CloudHSM\tools\set_cloudhsm_credentials.exe" --username ${hsm_cu_user} --password ${hsm_cu_pwd}
您现在可以使用 certreq 或 signtool。
来源: