Questions tagged with AWS CloudHSM
Content language: English
Select up to 5 tags to filter
Sort by most recent
Browse through the questions and answers listed below or filter and sort to narrow down your results.
Hello,
This question is related to Cloud HSM cluster initialization process and usage of the private key once cluster is initialized.
What is the usage of the private key which was used to the sign...
0
answers
1
votes
141
views
asked 2 years agolg...
In simple terms, what is the key hierarchy in CloudHSM for actually encrypting data. I found this very easily for AWS KMS...... Domain Key > HBK/KMS Key > Data encryption Key (with exportable key...
0
answers
0
votes
114
views
asked 2 years agolg...
Using Amazon Linux 2 HSM client with a working HSM cluster I am having trouble using this command:
```
importPrivateKey -f rsa4096.key -l triactaRootCAPrivateKey -w 1835014
Enter PEM pass...
0
answers
0
votes
149
views
asked 2 years agolg...
DigiCert is dropping support for older code signing using a local PEM file: "Starting on November 15, 2022, at 00:00 UTC, industry standards will require private keys for OV code signing certificates...
1
answers
0
votes
491
views
asked 2 years agolg...
Hello community,
I am looking for Cloud HSM JCE based HSM connection. One of my requirements is to generate Plain AES key and Wrap it with RSA key. This is to implement something similar to what is...
1
answers
0
votes
339
views
asked 2 years agolg...
I am testing out the cloudhsm and setting it up on a EC2 Win2019 server. I get the following error when I run the cloudhsm mgmt util to connect the server to the cloud HSM:
```
PS C:\Program...
1
answers
0
votes
621
views
asked 2 years agolg...
Are AWS services assigned IAM roles that allow them to access the CloudHSM API....and then use the CloudHSM client Crypto User account to complete their task encrypt/decrypt task? If no, how does an...
2
answers
0
votes
378
views
asked 2 years agolg...
My understanding is, Private Key should never leave HSM cluster. HSM-Client should pass key-handle, Mechanism and payload to the HSM-Server and HSM-Server should encrypt or sign the payload and give...
0
answers
0
votes
161
views
asked 2 years agolg...
Hello there, I do have a requirement in my application to encrypt and decrypt data using a symmetric key algorithm (mostly AES/CBC/PKCS5Padding).
CONSTRAINT and Requirements are
1. I need to use...
1
answers
0
votes
1052
views
asked 2 years agolg...
Hi, I am trying to use Cavium in a Java application for two-way SSL handshake. My application is the client application. However when the application runs, the client handshake fails with the...
0
answers
0
votes
192
views
asked 2 years agolg...
I am assuming that when you follow the steps to use "TLS client-server mutual authentication," the default key can still be used.
* Is it possible to **only** allow "TLS client-server mutual...
1
answers
0
votes
476
views
asked 3 years agolg...
Can an application be architected so that it leverages CloudHSM clusters in multiple regions (at least 2)? Possibly by using the cross-region replication/cloning so data can be decrypted in both...
4
answers
1
votes
1350
views
asked 3 years agolg...