Security
CloudHSM for OpenSSL
Managed hardware security module (HSM) for OpenSSL in the cloud
This service uses CloudHSM Economy to store and manage your cryptographic keys for OpenSSL. OpenSSL is an open-source project that provides a widely-used library for cryptographic operations, including symmetric encryption, public-key encryption, digital signing, and hashing, as well as command-line tools for these operations.
How it works
Benefits and features
Secure Key ManagementThe keys used by OpenSSL applications are created securely on the HSM and never leave its secure environment. This ensures that the keys remain protected from external threats and unauthorized access. By leveraging the HSM's robust security features, OpenSSL provides a high level of assurance for key management, mitigating the risk of key exposure and compromise. |
Certification Authority FunctionalityOpenSSL's command-line interface (CLI) includes tools for acting as a Certification Authority (CA). You can create and manage digital certificates, generate Certificate Signing Requests (CSRs), sign certificates, and manage certificate revocation lists (CRLs). This enables you to set up a trusted CA for secure communications and authentication. |
Digital Signing with HashingDigital signatures provide a way to verify the authenticity and integrity of data. OpenSSL allows you to generate digital signatures using cryptographic hash functions like SHA-256 (Secure Hash Algorithm 256-bit). You can hash data and then sign the hash with your private key to generate a digital signature. Recipients can use your public key to verify the signature and confirm that the data hasn't been tampered with. |
Public-Key EncryptionPublic-key encryption, also known as asymmetric encryption, uses a pair of keys: a public key for encryption and a private key for decryption. OpenSSL supports public-key encryption algorithms such as RSA (Rivest–Shamir–Adleman) and elliptic curve cryptography (ECC). You can generate key pairs, encrypt data with a recipient's public key, and decrypt it with the corresponding private key. |
Symmetric EncryptionSymmetric encryption uses the same key for both encryption and decryption. OpenSSL supports symmetric encryption algorithms such as AES (Advanced Encryption Standard) and 3DES (Triple DES). You can use OpenSSL to perform symmetric encryption and decryption operations with these algorithms. |
Related services
CloudHSM for CyberArk Privileged Access Manager
A managed service to be integrated with the CyberArk Access Manager. Easily store and manage your cryptographic keys used for encryption and decryption of sensitive data, including passwords, access tokens, and other authentication credentials.
CloudHSM Economy
A fully managed HSM service that integrates with your applications using industry-standard APIs, such as PKCS#11, Java Cryptography Extension (JCE), and Microsoft CryptoNG (CNG) libraries.
CloudHSM for Keyfactor EJBCA® Enterprise
A managed service to be integrated with EJBCA® Enterprise to securely store and manage the cryptographic keys associated with digital certificates.
Getting started
Pricing
You pay a monthly fee for each HSM in your account. Rates vary by Region. You can view these at
OpenSSL is open-source and free to use.