If not, does anybody offer FIPS 140-2 HSMs with PKCS#11 on the Azure marketplace?
Does Azure Key Vault service support PKCS#11?
1.9k Views Asked by Valo At
2
There are 2 best solutions below
1
Teiwaz
On
The Fortanix Data Security Manager (DSM) SaaS product supports PKCS#11, works well, and is reasonably priced. It has direct connections to all of the major Cloud providers (so latency is extremely low) and provides redundancy as part of the base product. No, I don't work for them. Just a satisfied customer.
Related Questions in AZURE
- How to update to the latest external Git in Azure Web App?
- I need an azure product that executes my intensive ffmpeg command then dies, and i only get charged for the delta. Any Tips?
- Inject AsyncCollector into a service
- mutual tls authentication between app service and function app
- Azure Application Insights Not Displaying Custom Logs for Azure Functions with .NET 8
- Application settings for production deployment slot in Azure App Services
- Encountered an error (ServiceUnavailable) from host runtime on Azure Function App
- Implementing Incremental consent when using both application and delegated permissions
- Invalid format for email address in WordPress on Azure app service
- Producer Batching Service Bus Vs Kafka
- Integrating Angular External IP with ClusterIP of .NET microservices on AKS
- Difficulty creating a data pipeline with Fabric Datafactory using REST
- Azure Batch for Excel VBA
- How to authenticate only Local and Guest users in Azure AD B2C and add custom claims in token?
- Azure Scale Sets and Parallel Jobs
Related Questions in PKCS#11
- RemoveCertificate in System.Security.Cryptography.Pkcs.SignedCms - is real (NetFramwork 4.7)?
- Compute sign using secure token hit Unknown error -1073741275 using sha256 algo
- Why are there no extensions in the CertificateExtensions property of CertificateRequest?
- PartialChain error in X509Chain when building certificate chain?
- Including other certificates when signing using SignedCms and CmsSigner on .NET C#
- Meaning of algorithm properties in a certificate
- Decryption error while Decrypt the symmetric key
- How can i get public key in DER format from base64 encoded public key?
- Failed to create SecKey using SecKeyCreateWithData using swift
- Automate parsing yubikey pin in pkcs11
- What is the safest way to recognize if a file is application/pkcs7-mime or analogous in Angular?
- OpenSSL.crypto.Error when trying to load certificate from Azure Key Vault
- convert pkcs1 signature to pkcs7 signature using nodejs
- In which version of openssl is the pkcs8 v2 option introduced?
- How to check pkcs format of a private key using golang code?
Related Questions in HSM
- Storing digital certificate in AWS Cloud HSM
- OpenJDK 11 - java.security.NoSuchProviderException:no such provider: nCipherKM
- Using HSM as an external signer with NBitcoin
- How can I make multiple clients connect to multiple slots in SoftHSM by Java code
- Code-Sign an Authenticode PE file using keys in a HSM in Linux
- Sign HLKX package with key stored in HSM
- has anyone undergone certification of PCI-DSS using general purpose HSM (and not payshield)?
- Token number 2 (-d) not recognized. Command Result : 22 (Invalid argument) Fatal: Received unexpected end-of-file from server in Luna HSM
- Thales HSM Import Public Key (EO) error '04'
- How to encrypt a json string as JWE (Json Web Encryption) by using public key stored in HSM?
- Why am I getting an initialization error when using python-pkcs11?
- EV code signing certificate along with cloud HSM
- PKCS11 - Select and Decrypt a Key from HSM
- How to communicate via PKCS#11 with a HSM
- Using M2 command on Thales Payshield 9000 HSM to decrypt a message
Related Questions in CRYPTOKI
- cryptoki C_GenerateRandom fails
- Connect to remote HSM with PKCS11interop
- Create signature using Pkcs11Interop without token password
- Generating XAdES from USB Token in c#
- FileNotFoundError: Could not find module 'libhsm.dll'
- How to create Digital Signature with CAdES format using Pkcs11Interop in C# without data or document to sign
- Does Azure Key Vault service support PKCS#11?
- CK_CHAR vs CK_BYTE in PKCS#11?
- PKCS11 deriveKey returning different values every time
- What is the correct behavior of C_Decrypt in pkcs#11?
- How to query HSM slot for value "key handle" using (known) value "key label"
- Why Cryptoki.C_OpenSession disconnect from HSM sometimes
- CreateObject PKCS#11 fail
- There is a log-in error using "cryptoki.dll" using the Pkcs11 library
- What is the expected behaviour of `C_wrapKey` API if wrapping key is not provided?
Trending Questions
- UIImageView Frame Doesn't Reflect Constraints
- Is it possible to use adb commands to click on a view by finding its ID?
- How to create a new web character symbol recognizable by html/javascript?
- Why isn't my CSS3 animation smooth in Google Chrome (but very smooth on other browsers)?
- Heap Gives Page Fault
- Connect ffmpeg to Visual Studio 2008
- Both Object- and ValueAnimator jumps when Duration is set above API LvL 24
- How to avoid default initialization of objects in std::vector?
- second argument of the command line arguments in a format other than char** argv or char* argv[]
- How to improve efficiency of algorithm which generates next lexicographic permutation?
- Navigating to the another actvity app getting crash in android
- How to read the particular message format in android and store in sqlite database?
- Resetting inventory status after order is cancelled
- Efficiently compute powers of X in SSE/AVX
- Insert into an external database using ajax and php : POST 500 (Internal Server Error)
Popular # Hahtags
Popular Questions
- How do I undo the most recent local commits in Git?
- How can I remove a specific item from an array in JavaScript?
- How do I delete a Git branch locally and remotely?
- Find all files containing a specific text (string) on Linux?
- How do I revert a Git repository to a previous commit?
- How do I create an HTML button that acts like a link?
- How do I check out a remote Git branch?
- How do I force "git pull" to overwrite local files?
- How do I list all files of a directory?
- How to check whether a string contains a substring in JavaScript?
- How do I redirect to another webpage?
- How can I iterate over rows in a Pandas DataFrame?
- How do I convert a String to an int in Java?
- Does Python have a string 'contains' substring method?
- How do I check if a string contains a specific word?
It looks like the Key Vault service does not support PKCS#11 - it's mostly, well, keys and secrets vault (secure store). However, the Azure dedicated HSM provides physical, dedicated, cryptographic key storage and services. They use SafeNet Luna Network HSM 7 (Model A790) appliance from Gemalto - FIPS 140-2 Level 3-validated devices, which also has an accessible PKCS#11 interface.