SignServer Cloud AWS
- AWS Launch Guide
- Quick Start Guide
- AWS Backup Guide
- AWS Restore and Upgrade Guide
- AWS TLS Certificate Generation Guide
- AWS Cluster Configuration Guide
Peering to EJBCA Cloud AWS Configuration Guide
- AWS Operating Environment
- EJBCA/SignServer Peering Security Groups
- Generate TLS Certificates for SignServer
- Allow Peer Connections in SignServer
- Peer Connection Configuration
- Creating the Peer Connection
- Allow Peer Connection in SignServer
- Configuring Automatic Generation and Key Renewal over Peers
- Automatically Renewing the Key Binding Key
SignServer CloudHSM Integration Guide
- Multiple Crypto Tokens with AWS CloudHSM
- Create a CloudHSM Cluster
- Use OpenSSL to Validate the HSM
- Initialize the CloudHSM
- Assigning Security Group
- Configure the cloudhsm-client
- PKCS11 PIN
- Activate Cluster
- Create a CloudHSM Crypto User
- Create Keystore in HSM with ClientToolBox
- Test with EJBCA ClientToolBox
- Create CryptoToken in SignServer
- Restoring HSM Backup to New Instance
SignServer Cloud Azure
- Azure Launch Guide
- Azure Key Vault Integration Guide
- SignServer Cloud Release Notes
Viewing Keys in Key Vault
When accessing the Keys tab in Azure Key vault, you may get an error that says:
To get around this, perform the following steps to configure Azure Key Vault firewalls to allow access to your key vault.
- Browse to the Key Vault that SignServer is using, in this example SignServerKeyVault, and select Networking.
- Add your public IP into the Firewall section on the Firewalls and virtual networks tab. To allow a single IP, end the IP with /32. Otherwise, add your appropriate subnet.
- Click Save.
- You will now be able to access all of the keys on the Keys tab of the Azure Key Vault.
Next, continue with creating a test key that SignServer can use to activate the Crypto Token, see Creating First Key for SignServer.