yes, you can implement a Crypto which will basically pull the private keys from HSM rather from a key stores. You can inject HSM related information through configuration properties just as we do in the Merlin case. WSO2 WSAS ServerCrypto [1] is such custom crypto implementation but it exists for a different purpose and it uses JKS.
thanks, nandana [1] - https://wso2.org/repos/wso2/trunk/wsas/java/modules/core/src/org/wso2/wsas/security/ServerCrypto.java On Thu, Sep 18, 2008 at 9:16 PM, Christian Mielke <[EMAIL PROTECTED]> wrote: > Hi, > thanks for the fast reply. > > A Hardware Security Module (HSM) is a appliance that can store private keys > inside and these keys cannot be exported anymore. The keys are safe inside > this appliance. > > With a custom crypto implementation do you mean something to replace the > Merlin Crypto Provider? > > Christian > ----- original Nachricht -------- > > Betreff: Re: RAMPART 1.3 only with File-Keystores ? > Gesendet: Do, 18. Sep 2008 > Von: Nandana Mihindukulasooriya<[EMAIL PROTECTED]> > > > I didn't quite get what is meant by hardware certificate store but you > may > > be able to do this by writing a Custom Crypto implementation and using it > > with Rampart. > > > > thanks, > > nandana > > > > On Thu, Sep 18, 2008 at 7:11 PM, Christian Mielke <[EMAIL PROTECTED]> wrote: > > > > > Hello, > > > > > > Rampart works great with file keystores somewhere on the file system, > but > > > is there the possibility to use a hardware security module with > RAMPART? > > The > > > hardware security module is a hardware certificate store inside the > same > > > network like the application server. > > > > > > Greetings > > > > > > Christian > > > > > > > > > > > -- > > Nandana Mihindukulasooriya > > WSO2 inc. > > > > http://nandana83.blogspot.com/ > > http://www.wso2.org > > > > --- original Nachricht Ende ---- > > -- Nandana Mihindukulasooriya WSO2 inc. http://nandana83.blogspot.com/ http://www.wso2.org
