Install the API Provider

Keyfactor EJBCA can connect to your Securosys HSM either via the PKCS#11 or via the REST API. In both cases, some software needs to be installed and configured.

Option 1: PKCS#11

Install the Primus PKCS#11 Provider on the same machine where you are running Keyfactor EJBCA.

Option 2: REST

The REST API is exposed via the Transaction Security Broker (TSB). The TSB is an external service that functions as a REST-to-JCE rewrite proxy (because the HSM natively exposes a JCE API, but not a REST API).

In CloudHSM, Securosys operates a TSB for you. Simply choose it as an option when signing up.

For on-premise Primus HSMs, follow the TSB installation guide to deploy the TSB on-premise.

Get started withCloudHSM for free.

Need help?Contact Support.

Other questions?Ask Sales.

Option 1: PKCS#11​

Option 2: REST​

Option 1: PKCS#11

Option 2: REST