Question
· Jul 10, 2020

Exporting the Interystems Cache Encryption Key to an External HSM

Hello All,

I am trying to Exporting the InterSystems Cache Encryption Key to an External HSM.

My External HSM supports importing the key.

Is that can be done? or supported.

Regards

Amit Kumar Thakur

+91-9953946465

Discussion (2)0
Log in or sign up to continue

I am assuming you mean Cache database encryption keys, which are stored in files.  If the HSM supports transparently giving the file to Cache when asked, I don't see why this wouldn't work, but I doubt it's been tested. 

If the HSM requires you to enter a passphrase, use a private key to decrypt the file, or other interactive step, you might or might not have a problem.  How are you planning to do the key activation?  Will you be present and able to do those steps?  

I assume your HSM does not support KMIP, which is a communication protocol for sending keys to a central key server.  Cache does support KMIP.