Azure Key Vault
An Azure service that is used to manage and protect cryptographic keys and other secrets used by cloud apps and services.
1,309 questions
PKCS #7 xml signing capabilities in Azure Key Vault Managed HSM
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(300.8, 84%, 39%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EE%3C/text%3E%3C/svg%3E)
ericleigh007
1
Reputation point
Hello,
We have a client who is using an on prem hardware HSM to sign XML documents using PKCS #7 (RFC 2315) compliant signatures.
It looks like the Managed HSMs in Azure recently changed from Thales Luna devices, which should support that capability, to Marvell LiquidSecurity devices.
My company is looking to assist the client in migrating to Azure Key Vault Managed HSM and we need to know that such a capability is supported.
We should be able to assume that Azure wouldn't provide a new HSM option that is less compliant with PCKS #7 than their previous offering, but such assumptions can be dangerous.
Thanks for any authoritative insights.
{count} votes
-
Siva-kumar-selvaraj 15,651 Reputation points2022-05-31T14:09:34.89+00:00 Thanks for reaching out and apologies for the delayed response.
I could see that you are already working with HSM Procut manager through CSS support on above queries. If possible, could you please share your finding here which would be beneficial to other community members reading this thread. Thanks.
Sign in to comment
Sign in to answer