Configuring network Hardware Security Module (HSM) support
You can register a network HSM device with the local management interface. WebSEAL can then be configured to use this HSM for the secure storage of SSL keys.
About this task
The appliance supports the use of the following HSM devices:
- Thales nShield Connect
The appliance embeds Thales nShield client software v12.30 (hardserver version 3.67.11). This has been tested with nShield appliance firmware 2.61.2. Due to a limitation in key protection type support, the appliance does not support “HSM Pool mode”. The appliance continues to support high availability using the load sharing capabilities provided by nShield HSMs.
- SafeNet Luna SA v5.x
Note: The appliance can connect to a maximum of one Thales nShield Connect device and multiple SafeNet Luna SA v5.x devices.
Perform the following steps to configure WebSEAL for the network HSM device.