Skip to main content
Skip table of contents

AWS CloudHSM

ENTERPRISE

AWS Cloud HSM is a cloud-based HSM service in the Amazon Web Services. The CloudHSM uses FIPS 140-2 Level 3 certified Cavium/Marvell HSMs in the backend and is accessible using the PKCS#11 API. Custom modules are needed for full EJBCA support of the CloudHSM, and this is supported in the EJBCA Cloud.

For step-by-step instructions on how to integrate EJBCA Enterprise Cloud with AWS CloudHSM, see the AWS CloudHSM Integration Guide.

Using PKCS#11 NG in EJBCA 7.5.0 and later has good support for AWS CloudHSM, including key generation in the Admin UI.

Using the Java PKCS#11 provider (called PKCS#11 in the EJBCA Admin UI) there are limitations when using AWS CloudHSM due to the PKCS#11 integration between the currently used Java PKCS#11 Provider and the Liquidsec PKCS#11 driver. Using Java PKCS#11/PKCS#11 Crypto Token is not recommended.
JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.