- 1. Does OVFTOOL support RSA 2K encrypted signatures?
- 2. Is it possible to make the ovftool signing a two pass operation?
a> Pass 1: Complete everything up to computing hash, and give the hash output
b> Pass 2: We provide the signature and public key as X509 certs, and ovftool generate the final image
- 3. If ovftool cannot be run in two passes as explained above, what options you would suggest to integrate with an external crypto engine running on a different secure server.