Prerequisites

Before integrating your HSM with Securosys External Key Store (XKS) Proxy and AWS KMS External Key Store, please make sure to fulfill all the necessary requirements listed below:

• AWS:
  • Existing AWS account,
  • Configured AWS VPC, AWS KMS external key store successfully connected (Example basic VPC configuration guide shown in the document annex)
• Docker: Latest version installed on your host device and configured user permissions. View installation guide
• Securosys:
  • Account (free) for the Support portal. To download the XKS Proxy, an account as a registered support user is required.
    If you are new to developing applications with a Securosys-HSM, you can obtain a free developer account by contacting us at info@securosys.com,
  • Securosys XKS Proxy v1 or newer - Download (login required),
  • Securosys Hardware Security Module (HSM):

CloudHSM

Securosys CloudHSM offers near-instant Hardware Security Module (HSM) operation by allowing you to select and subscribe to a variety of services and options tailored to your needs.

• Subscribe online (Free trial available)
• Contact sales.

HSM on-premises

Securosys Primus HSM, firmware v2.8.21, v2.10.5 or newer with JCE API license:

• Securosys Primus HSM
• Contact Sales

Load Balancing

It is recommended to establish redundancy in your environment. For more information on Securosys XKS proxy redundancy please refer to AWS documentation Creating a network load balancer.

More content

• Download the Securosys XKS Proxy for AWS (login required)
• Installing Docker on an EC2 instance
• Example - Creation of an XKS in AWS KMS
• Example - Generating a .jks domain file