Azure Dedicated HSM
An Azure service that provides hardware security module management.
13 questions
Content
3 answers
Difference- HSM protected keys in Vaults (VS) HSM-protected keys in Managed HSM
While creating Azure VMs, we can keep the SSE encryption keys using Customer Managed Keys. We have 2 options when storing these CMK keys in HSM namely ( i know azure keyvault software based also supports CMK, but that is not my question . Mine is…
asked 2023-02-27T12:55:45.9466667+00:00
MS Techie
2,321
Reputation points
commented 2023-03-02T18:00:44.4966667+00:00
Marilee Turscak-MSFT
22,041
Reputation points Microsoft Employee
3 answers
What options are there for HSM on Azure Stack HCI?
Can i use managed HSM on Azure Stack HCI? Could it be a third party HSM? Thanks!
asked 2023-01-04T20:24:36+00:00
Jaime Rodriguez
1
Reputation point
answered 2023-02-27T08:26:11.7+00:00
Martin Gammelgård Rasmussen
0
Reputation points
3 answers
How many HSMs do we need?
Hi, We are building a new PKI, and will use HSMs for the root and issuing CAs. We are seeing advice (on forums, and from Microsoft support and Thales) that the HSMs need high availability, and so will need at least two, and that we should use at…
asked 2022-03-14T12:13:34.457+00:00
NOBLE Robert
1
Reputation point
answered 2022-03-22T08:13:14.747+00:00
Vadims Podāns
8,316
Reputation points MVP
2 answers
Creation of HSM Keyvault failed with ServiceUnavailable (powershell) or Capacity check failed (az cli)
Since a couple of days I'm unable to create a HSM Keyvault. I've got a powershell script which I've run successfully untill last monday. In this script I do an: New-AzKeyVaultManagedHsm -Name $name -ResourceGroupName $resourceGroup -Location…
asked 2022-04-28T14:46:19.11+00:00
Rutger Kars
1
Reputation point
commented 2022-05-12T04:24:29.157+00:00
Siva-kumar-selvaraj
15,151
Reputation points
1 answer
Is keyvault and keyvault HSM similiar from code perspective?
Hi I wonder whether getting certificates from KeyVault in c# is any different (do I need to use the same api, same integration nugets) from getting certificates from KeyVault based on HSM? thanks Michal
asked 2022-10-12T11:48:49.077+00:00
Michal Szilder
1
Reputation point
commented 2022-10-25T03:53:52.567+00:00
Givary-MSFT
13,231
Reputation points Microsoft Employee
1 answer
Can we get the Azure activity directory and HSM metrics data ?
Hi , We have our own internal resource monitoring tool for monitoring the cloud resources, and now we are trying to integrate the Azure AD and HSM services but there is no metrics are available to these services. is there anyway can we get the metrics…
asked 2021-11-15T07:20:28.947+00:00
saravanakumar M
1
Reputation point
answered 2021-11-17T00:00:45.287+00:00
JamesTran-MSFT
27,501
Reputation points Microsoft Employee
1 answer
How to import key exchange key in TR-31 format in Azure Key Vault?
The 3rd party, does not have the HSM requirement for using BYOK tool and transfer to us the key for import in Azure Key Vault. They only can transfer the key exchange key in TR-31 format (key exchange block). How can I import this type of key format…
asked 2021-10-08T11:11:11.447+00:00
Carlos Sáez
1
Reputation point
commented 2021-10-17T18:01:07.557+00:00
Carlos Sáez
1
Reputation point
1 answer
Will Both Azure Dedicated HSMs in High Availablity Config be Zeroized in Case of Tamper Detection?
As mentioned in Azure Dedicated HSM FAQ, Dedicated HSM will be zeroized when there is a tamper event detected. What is the Dedicated HSMs are in High Availability config? Will both HSMs be zeroized? If so, how does dedicated HSM support…
asked 2021-06-01T05:09:42.833+00:00
Joan Wu
1
Reputation point
answered 2021-06-07T21:41:42.647+00:00
JamesTran-MSFT
27,501
Reputation points Microsoft Employee
1 answer
One of the answers was accepted by the question author.
RSA HSM availability
Hello! I have a fast question: 2 years ago I associated a RSA-HSM key to my VM. Now I want switch to a new version, but i can't see any version. I can correctly choose my key vault and key, but no version apparead. Why? Thanks in advance
1 answer
Unable to create a certificate in HSM Vault with OU that contains a comma
Hi, For example OU = 'Hello, world' I wasn't able to do that via the CLI or the console What am i doing wrong? Thanks, Roie
asked 2020-08-25T20:12:19.64+00:00
Roie Rachamim
1
Reputation point
answered 2020-09-17T03:12:26.86+00:00
Yeming Liu
1
Reputation point
1 answer
One of the answers was accepted by the question author.
How do I decide whether to use Azure Key Vault or Azure Dedicated HSM?
Since both are used for key management, how do I decide whether to use Azure Key Vault or Azure Dedicated HSM? What are the differences between the two and the advantages of each? [Note: As we migrate from MSDN, this question has been posted by an…
asked 2020-05-06T20:50:21.39+00:00
Marilee Turscak-MSFT
22,041
Reputation points Microsoft Employee
accepted 2020-05-06T22:15:10.147+00:00
Marilee Turscak-MSFT
22,041
Reputation points Microsoft Employee
0 answers
PKCS #7 xml signing capabilities in Azure Key Vault Managed HSM
Hello, We have a client who is using an on prem hardware HSM to sign XML documents using PKCS #7 (RFC 2315) compliant signatures. It looks like the Managed HSMs in Azure recently changed from Thales Luna devices, which should support that capability,…
asked 2022-05-26T23:08:03.463+00:00
ericleigh007
1
Reputation point
commented 2022-05-31T14:09:34.89+00:00
Siva-kumar-selvaraj
15,151
Reputation points
0 answers
Key Vault HSM
My understanding is there are currently four options with Azure Key Vault / HSM to protect your keys. a) Key Vault Software Protected Keys (Standard Pricing) b) Key Vault HSM Protected Keys (Premium Pricing) c) Key Vault managed-HSM , own HSM…
asked 2021-10-06T20:40:22.103+00:00
George L. Hickox
1
Reputation point
commented 2021-10-07T04:58:59.84+00:00
George L. Hickox
1
Reputation point