.png){kind=logo}
The following table lists HSM support for each SignServer deployment option. Integration methods include PKCS #11 standard and REST APIs. SignServer additionally supports software-based keys for lower security requirements or development.
PQC : Indicates PQC algorithm support.
|
HSM Type |
Software stack |
Cloud |
Software Appliance |
Hardware Appliance |
Container Set |
|
Network HSMs integrated with REST APIs |
|||||
|
Azure Key Vault / MS Managed HSM |
✔️ |
✔️
|
|
|
✔️
|
|
Fortanix Data Security Manager (DSM) PQC |
✔️ |
|
|
|
✔️ |
|
Securosys Primus HSM and CloudHSM Service |
|
|
✔️ |
|
|
|
Network HSMs integrated with PKCS#11 |
|||||
|
AWS CloudHSM |
✔️ |
✔️ |
|
|
|
|
Bull TrustWay Proteccio |
✔️ |
|
✔️ |
|
|
|
CloudHSM Service
|
|
|
✔️ |
|
|
|
Entrust nShield Connect/5c PQC |
✔️ |
|
✔️ |
|
|
|
Securosys Primus
|
|
|
✔️ |
|
|
|
SoftHSMv2 |
✔️
|
|
|
|
✔️ |
|
Thales DPoD |
✔️ |
|
✔️
|
|
|
|
Thales Luna 7 PQC |
✔️ |
|
✔️
|
|
✔️
|
|
Thales USB HSM
|
|
|
✔️ |
|
|
|
Thales TCT |
✔️ |
|
✔️ |
|
|
|
Utimaco CryptoServer |
✔️
|
|
✔️
|
|
✔️ |
|
Utimaco u.trust Anchor PQC
|
✔️ |
|
✔️ |
|
|
|
Internal Hardware Appliance PCIe HSMs integrated with PKCS#11 |
|||||
|
Thales Luna PCIe |
✔️ |
|
|
✔️ |
|
|
Utimaco PCIe |
✔️ |
|
|
✔️ |
|