Cryptographic hardware concepts
WebSEAL uses GSKit for SSL communication and key management to provide interface support for cryptographic hardware.
Cryptographic hardware can provide one or both of the following features:
- Accelerated and secure SSL encryption and decryption tasks for performance improvements during multiple online transactions
- Accelerated and secure digital certificate key storage and management for highly secure architecture during online transactions
Hardware cryptographic acceleration and key storage apply to the following WebSEAL connections:
- Browser to WebSEAL
- WebSEAL to back-end junctioned server
The following product functions or features do not currently support cryptographic hardware
integration:
- Symmetric key operations (including key storage), such as LTPA, and any other SSL connections.
- Any cryptographic operations (including certificate and key storage) completed with SSL configured between the Verify Identity Access directory client and directory server.
- Any cryptographic operations (including certificate and key storage) completed when Verify Identity Access components communicate as part of the authorization database management (pdadmin or database replication).
- Any cryptographic operations (including certificate and key storage) completed with SSL configured between WebSEAL and the Verify Identity Access session management server.