CloudHSM Connectivity Details
This document provides all connectivity details for Securosys CloudHSM services. Choose the configuration for your CloudHSM environment.
Securosys offers connectivity for three primary service lines:
- CloudHSM - HSMaaS: Hardware Security Module as a Service.
- CloudHSM - TSBaaS: REST API and TSB as a Service.
- CloudHSM - DKEaaS: Double Key Encryption as a Service.
Information in Welcome Ticket
The Welcome Ticket that you received after purchase includes the connectivity details for your CloudHSM service. Please refer to that ticket for the easiest guidance. Alternatively, continue with the information below.
Ports
For all CloudHSM services, configure your API provider with the following TCP ports:
| TCP Port (JCE/JCA) | TCP Port (PKCS#11) | TCP Port (MS CNG) | TCP Port (REST API) | TCP Port (Partition Administration) |
|---|---|---|---|---|
*Configure Partition Administration only on the master device of a cluster.
Connectivity Details
- For HSMaaS, ensure you include both the master and all clone hostnames in your provider configuration for redundancy and failover.
- The RESTaaS is redundantly deployed and has automated failover within the HSM cluster.
| Cluster / Service | Environment | API - Master | API - Clones | REST API |
|---|---|---|---|---|
| ECO01 / ECO02 | Production (Switzerland) | ch01-api.cloudshsm.com | ch02-api.cloudshsm.com | rest-api.cloudshsm.com/v1/ |
| PLAXX | Platinum (International) | plaXX-api.cloudshsm.com | plaXX-api.cloudshsm.com | plaXX-rest-api.cloudshsm.com/v1/ |
| CCM01 | CC Certified, FIPS (Switzerland) | ch01-api.cloudshsm.com | ch02-api.cloudshsm.com | rest-api.cloudshsm.com/v1/ |
| CCMUS01 | CC Certified, FIPS (United States) | us01-api.cloudshsm.com | us02-api.cloudshsm.com | rest-api.cloudshsm.com/v1/ |
| ECOWR01 | Production (International) | de01-api.cloudshsm.com | us01-api.cloudshsm.com us02-api.cloudshsm.com sg01-api.cloudshsm.com | rest-api.cloudshsm.com/v1/ |
| ECODE01 | Production (Germany) | de01-api.cloudshsm.com | ch02-api.cloudshsm.com | rest-api.cloudshsm.com/v1/ |
| ECOUS01 | Production (United States) | us01-api.cloudshsm.com | us02-api.cloudshsm.com | rest-api.cloudshsm.com/v1/ |
| ECOSG01 | Production (Singapore) | sg01-api.cloudshsm.com | ch02-api.cloudshsm.com | rest-api.cloudshsm.com/v1/ |
| SBX01 | Sandbox / Testing | ch01-api.cloudshsm.com | ch02-api.cloudshsm.com us02-api.cloudshsm.com sg01-api.cloudshsm.com | sbx-rest-api.cloudshsm.com/v1/ |
CloudHSM - DKEaaS Connectivity Details
For CloudHSM Double Key Encryption as a Service (DKEaaS), use the following endpoints:
- KMS Endpoint: https://cockpit.securosys365.com/
- DKEaaS Apps Endpoints: Use the wildcard URL https://uuid.securosys365.com/ for DKEaaS applications.
For further assistance or clarifications, please contact your support representative or refer to the onboarding documentation included in your Welcome Support Ticket.