Integrate HSM

The Unifyia platform supports integration with a Hardware Security Module (HSM) to securely store and manage cryptographic keys and to perform cryptographic operations such as encryption, decryption, signing, and verifying digital signatures. HSMs are highly secure, tamper-resistant devices used in environments where strong security is essential, such as banking, government, and enterprise applications. Integrating an HSM helps organizations comply with regulatory and industry standards, such as FIPS 140-2, PCI DSS, GDPR, eIDAS, and ETSI. HSMs can also handle cryptographic operations at scale, ensuring fast and efficient processing for applications like SSL/TLS encryption or digital signatures.

This document explains how to add and manage integrated HSMs. Currently, the platform supports integration of the Utimaco CryptoServer for secure cryptographic key management.

UTIMACO CryptoServer HSM

CryptoServer is a hardware security module developed by UTIMACO, a German manufacturer. It is a physically protected, specialized computer unit designed to perform sensitive cryptographic tasks and to securely manage and store cryptographic keys and data. It can be used as a universal, independent security component for heterogeneous computer systems.

Add HSM

Prerequisites:

  • An HSM must be installed to be integrated with the Unifyia platform.
  • You must have admin access to the Unifyia platform.

Follow the steps below to add an HSM.

  1. Log into the platform with administrator credentials.
  2. Navigate to Integrations > HSM.
  3. Select + Add HSM. The ADD HSM page is displayed.
  4. Configure the required parameters. Refer to the tutorial Configure Utimaco CryptoServer to learn how to configure the Utimaco CryptoServer.
  5. Select Test Configuration to check whether the configuration is successful.
  6. Select Save to save the details of the HSM.

Manage HSMs

  1. Log into the platform with administrator credentials.
  2. Navigate to Integrations > HSM.
  3. A list of configured HSMs is displayed.
  4. The status of the connection is displayed as Healthy if the connection is active. If the system is down, then it is displayed as Down.
  5. To edit, select the Pencil icon at the end of the selected HSM row and modify the configuration parameters as needed. Select Update to save the changes.
  6. Currently, delete functionality for an integrated HSM is not supported.