PKCS #7 xml signing capabilities in Azure Key Vault Managed HSM
We have a client who is using an on prem hardware HSM to sign XML documents using PKCS #7 (RFC 2315) compliant signatures.
It looks like the Managed HSMs in Azure recently changed from Thales Luna devices, which should support that capability, to Marvell LiquidSecurity devices.
My company is looking to assist the client in migrating to Azure Key Vault Managed HSM and we need to know that such a capability is supported.
We should be able to assume that Azure wouldn't provide a new HSM option that is less compliant with PCKS #7 than their previous offering, but such assumptions can be dangerous.
Thanks for any authoritative insights.
Thanks for reaching out and apologies for the delayed response.
I could see that you are already working with HSM Procut manager through CSS support on above queries. If possible, could you please share your finding here which would be beneficial to other community members reading this thread. Thanks.
Sign in to comment