3

If not, does anybody offer FIPS 140-2 HSMs with PKCS#11 on the Azure marketplace?

Valo
  • 1,872
  • 2
  • 15
  • 23
  • Don't know if Azure can supply PKCS#11 on their platform. If you don't get an answer there -- Utimaco has multi-cloud capable HSMs (140-2 Level 3) that are accessible from Azure. – rip... Oct 10 '20 at 03:06

2 Answers2

2

It looks like the Key Vault service does not support PKCS#11 - it's mostly, well, keys and secrets vault (secure store). However, the Azure dedicated HSM provides physical, dedicated, cryptographic key storage and services. They use SafeNet Luna Network HSM 7 (Model A790) appliance from Gemalto - FIPS 140-2 Level 3-validated devices, which also has an accessible PKCS#11 interface.

Valo
  • 1,872
  • 2
  • 15
  • 23
0

The Fortanix Data Security Manager (DSM) SaaS product supports PKCS#11, works well, and is reasonably priced. It has direct connections to all of the major Cloud providers (so latency is extremely low) and provides redundancy as part of the base product. No, I don't work for them. Just a satisfied customer.

Teiwaz
  • 1
  • Your answer could be improved with additional supporting information. Please [edit] to add further details, such as citations or documentation, so that others can confirm that your answer is correct. You can find more information on how to write good answers [in the help center](/help/how-to-answer). – Community Mar 29 '23 at 19:38