Hi, "Managed HSM Pools" (Hardware Security Module Pools) in Azure Key Vault are designed to provide additional security for cryptographic key operations. These HSMs are dedicated hardware devices designed to securely store and perform cryptographic operations, enhancing the security of your keys. For code-signing certificates, it's not strictly necessary to use a Managed HSM Pool, but it can offer additional security benefits. Whether you choose to use Managed HSM Pools depends on your specific security requirements and compliance considerations. Please find doc for ref https://learn.microsoft.com/en-us/azure/key-vault/general/about-keys-secrets-certificates If you have any other questions, please let me know. Thank you for your time and patience throughout this issue. Please remember to "Accept Answer" if any answer/reply helped, so that others in the community facing similar issues can easily find the solution.
Azure key vault requirement for code signing cert
Hello, Due to the updated requirements for Code-Signing certificates, I am currently searching for a cost-effective cloud HSM solution. However, I would like to double-confirm that for signing Windows Code-Signing certificates, the option "Managed HSM Pools" is not required in the Azure.
2 additional answers
Sort by: Most helpful
-
Deepanshu katara 4,900 Reputation points
2024-01-31T04:31:13.0333333+00:00 @andrew , Following up to see if the provided answer was helpful. If this answers your query, do click Accept Answer and Yes for was this answer helpful. And, if you have any further query do let us know.
-
Alexander Skvortcov 0 Reputation points
2024-04-10T17:11:52.2166667+00:00 Here is a discussion on the topic. https://www.reddit.com/r/electronjs/comments/16sgb3u/signing_electron_app_for_windows_with_an_ev/
According to this discussion, "Managed HSM Pools" is not required for Windows Code-Signing certificates.