My use case is to store a digital certificate (issued by some certificate authority) in AWS CloudHSM. I know we can store the private key that signs the certificate. But is it possible to store the full digital certificate itself? Can someone please share the steps?
- A certificate is public information. Why would you want to store it in an HSM? – garethTheRed Sep 05 '22 at 05:50
- Posted an answer; if it helped you, consider accepting it so that it helps others in the future. – Jatin Mehrotra Oct 15 '22 at 17:30
1 Answer
0
Unfortunately, you cannot store a digital certificate in a CloudHSM device.
Here are the things you can achieve with it:
When you use an HSM from AWS CloudHSM, you can perform a variety of cryptographic tasks:
- Generate, store, import, export, and manage cryptographic keys, including symmetric keys and asymmetric key pairs.
- Use symmetric and asymmetric algorithms to encrypt and decrypt data.
- Use cryptographic hash functions to compute message digests and hash-based message authentication codes (HMACs).
- Cryptographically sign data (including code signing) and verify signatures.
- Generate cryptographically secure random data.

Jatin Mehrotra
- Can you share some links related to cryptographic functions and cryptographically signing data? – Sep 07 '22 at 06:08
- This should help: https://aws.amazon.com/blogs/apn/signing-data-using-keys-stored-in-aws-cloudhsm-with-python/ If this helped you, it would be great if you could accept this as the answer, so that it can help others in the future. – Jatin Mehrotra Sep 09 '22 at 03:25