Download
Step 1: Download Artifactory Credentials
Get the Artifactory Credentials from the Download-Link-File available on the Securosys Support Portal. It contains the passwords necessary to download the config files and pull the Docker images.
Support Portal: Download-Link-File
Step 2: Download Configuration Files
Download the configuration files. They include the Docker Compose templates as well as the application configuration templates.
Currently the latest version is: VERSION=v2.6.0 - Note the v in front of the version-number.
- Unix
- Web (Windows)
VERSION=latest
PASSWORD=<REPLACE_ME>
curl -L -u "robot.reader.tsb:${PASSWORD}" -O \
"https://securosys.jfrog.io/artifactory/external-tsb/${VERSION}/Securosys_TSB-${VERSION}.zip"
Step 3: Software Download (Docker pull)
To launch the multi-container application, execute the following command in the directory
where the docker-compose.yml file is located.
Provide the password that you obtained from the Download-Link-File.
docker login securosys.jfrog.io -u robot.reader.tsb
docker pull securosys.jfrog.io/external-tsb/securosys-tsb:latest
Step 4: Verify Image (Optional)
Optionally, you can verify that the Docker images has been signed by Securosys, to establish authenticity of the image.
-
Download the public key needed for verification.
-
Verify the Docker image signature with Cosign:
export VERSION=2.6.0
export IMAGE_PATH=securosys.jfrog.io/external-tsb/securosys-tsb:${VERSION}
export IMAGE_DIGEST=$(docker inspect --format='{{index .RepoDigests 0}}' ${IMAGE_PATH} | cut -d'@' -f2 | cut -d':' -f2)
cosign verify --key securosys-prod-docker-signing-key001.pub --insecure-ignore-tlog "${IMAGE_PATH}@sha256:${IMAGE_DIGEST}"
If the verification is successful, the output looks as follows:
Verification for securosys.jfrog.io/external-tsb/securosys-tsb@sha256:a54b3e5aa2a1424a6d524c36e2eec3733dfb692cc92e980ac61b40d0baaf0f16 --
The following checks were performed on each of these signatures:
- The cosign claims were validated
- The signatures were verified against the specified public key
[{"critical":{"identity":{"docker-reference":"securosys.jfrog.io/external-tsb/securosys-tsb"},"image":{"docker-manifest-digest":"sha256:a54b3e5aa2a1424a6d524c36e2eec3733dfb692cc92e980ac61b40d0baaf0f16"},"type":"cosign container image signature"},"optional":{"Subject":""}}]
Release
v2.x Branch
To fully leverage the features introduced in TSB version 2.0, the Primus HSM must run firmware version 3.x. This is already the case for all Securosys CloudHSM clusters (except ECO CC, since certification for firmware 3.1 is pending).
| Version | Release Date | Image Name | Release Notes |
|---|---|---|---|
| v2.6.0 | 2025.10.20 (latest) | securosys.jfrog.io/external-tsb/securosys-tsb:2.6.0 | Release Notes - v2.6.0 |
| v2.5.1 | 2025.08.13 | securosys.jfrog.io/external-tsb/securosys-tsb:2.5.1 | Release Notes - v2.5.1 |
| v2.5.0 | 2025.07.15 | securosys.jfrog.io/external-tsb/securosys-tsb:2.5.0 | Release Notes - v2.5.0 |
| v2.4.0 | 2025.04.28 | securosys.jfrog.io/external-tsb/securosys-tsb:2.4.0 | Release Notes - v2.4.0 |
| v2.3.1 | 2025.03.07 | securosys.jfrog.io/external-tsb/securosys-tsb:2.3.1 | Release Notes - v2.3.1 |
| v2.2.0 | 2024.12.18 | securosys.jfrog.io/external-tsb/securosys-tsb:2.2.0 | Release Notes - v2.2.0 |
| v2.1.1 | 2024.09.23 | securosys.jfrog.io/external-tsb/securosys-tsb:2.1.1 | Release Notes - v2.1.1 |
| v2.1.0 | 2024.08.16 | securosys.jfrog.io/external-tsb/securosys-tsb:2.1.0 | Release Notes - v2.1.0 |
| v2.0.1 | 2024.07.25 | securosys.jfrog.io/external-tsb/securosys-tsb:2.0.1 | Release Notes - v2.0.1 |
| v2.0.0 | 2024.04.04 | securosys.jfrog.io/external-tsb/securosys-tsb:2.0.0 | Release Notes - v2.0.0 |
v1.x Branch
| Version | Release Date | Image | Release Notes |
|---|---|---|---|
| v1.18.0 | 2024.03.07 | securosys.jfrog.io/external-tsb/securosys-tsb:1.18.0 | Release Notes - v1.18.0 |
| v1.17.1 | 2023.12.11 | securosys.jfrog.io/external-tsb/securosys-tsb:1.17.1 | Release Notes - v1.17.1 |
| v1.17.0 | 2023.11.06 | securosys.jfrog.io/external-tsb/securosys-tsb:1.17.0 | Release Notes - v1.17.0 |
| v1.16.1 | 2023.10.10 | securosys.jfrog.io/external-tsb/securosys-tsb:1.16.1 | Release Notes - v1.16.1 |
| v1.16.0 | 2023.07.28 | securosys.jfrog.io/external-tsb/securosys-tsb:1.16.0 | Release Notes - v1.16.0 |
| v1.15.2 | 2023.07.19 | securosys.jfrog.io/external-tsb/securosys-tsb:1.15.2 | Release Notes - v1.15.2 |
| v1.15.1 | 2023.04.12 | securosys.jfrog.io/external-tsb/securosys-tsb:1.15.1 | Release Notes - v1.15.1 |
| v1.14.1 | 2022.12.07 | securosys.jfrog.io/external-tsb/securosys-tsb:1.14.1 | Release Notes - v1.14.1 |
| v1.14.0 | 2022.10.31 | securosys.jfrog.io/external-tsb/securosys-tsb:1.14.0 | Release Notes - v1.14.0 |
| v1.11.0 | 2022.04.21 | securosys.jfrog.io/external-tsb/securosys-tsb:1.11.0 | Release Notes - v1.11.0 |