Prerequisites

Before integrating your HSM with Securosys External Key Store (XKS) Proxy and AWS KMS External Key Store, please make sure to fulfill all the necessary requirements listed below:

• AWS:
  • Existing AWS account,
  • Configured AWS VPC, AWS KMS external key store successfully connected (Example basic VPC configuration guide shown in the document annex)
• Docker: Latest version installed on your host device and configured user permissions. (Installation guide)
• Securosys:
  • A Securosys CloudHSM or a Securosys Primus HSM with the JCE API license
  • A Support Portal account, to download the XKS Proxy,
  • Securosys XKS Proxy v1 or newer - Download (login required),

Load Balancing

It is recommended to establish redundancy in your environment. For more information on Securosys XKS proxy redundancy please refer to AWS documentation Creating a network load balancer.

More Content

• Download the Securosys XKS Proxy for AWS (login required)
• Installing Docker on an EC2 instance
• Example - Creation of an XKS in AWS KMS
• Example - Generating a .jks domain file