self-hosted/teleport

Fork 0

mirror of https://github.com/gravitational/teleport synced 2024-10-22 10:13:21 +00:00

Commit graph

Author	SHA1	Message	Date
Andrew Lytvynov	f9dbc66353	RFD 25: Hardware security module (HSM) support Support for HSMs for CA key storage. I mentioned a few design options in the RFD, but wrote the rest of it based on my preferred option. It's not set in stone, so speak up if you think the high-level approach is wrong. Most of the complexity lies in backend storage and CA rotation. Actually talking to HSMs over PKCS#11 is relatively simple.	2021-04-16 18:54:33 +00:00

Author

SHA1

Message

Date

Andrew Lytvynov

f9dbc66353

RFD 25: Hardware security module (HSM) support

Support for HSMs for CA key storage.

I mentioned a few design options in the RFD, but wrote the rest of it
based on my preferred option. It's not set in stone, so speak up if you
think the high-level approach is wrong.

Most of the complexity lies in backend storage and CA rotation. Actually
talking to HSMs over PKCS#11 is relatively simple.

2021-04-16 18:54:33 +00:00

1 commit