· Jul 10, 2020

Exporting the Interystems Cache Encryption Key to an External HSM

Hello All,

I am trying to Exporting the InterSystems Cache Encryption Key to an External HSM.

My External HSM supports importing the key.

Is that can be done? or supported.


Amit Kumar Thakur


Discussion (2)0
Log in or sign up to continue

I am assuming you mean Cache database encryption keys, which are stored in files.  If the HSM supports transparently giving the file to Cache when asked, I don't see why this wouldn't work, but I doubt it's been tested. 

If the HSM requires you to enter a passphrase, use a private key to decrypt the file, or other interactive step, you might or might not have a problem.  How are you planning to do the key activation?  Will you be present and able to do those steps?  

I assume your HSM does not support KMIP, which is a communication protocol for sending keys to a central key server.  Cache does support KMIP.