- Launch Guide
- Quick Start Guide
- Backup Guide
- Restore and Upgrade Guide
- TLS Certificate Generation Guide
- Cluster Configuration Guide
-
Peering to EJBCA Cloud Configuration Guide
- AWS Operating Environment
- EJBCA/SignServer Peering Security Groups
- Generate TLS Certificates for SignServer
- Allow Peer Connections in SignServer
- Peer Connection Configuration
- Creating the Peer Connection
- Allow Peer Connection in SignServer
- Configuring Automatic Generation and Key Renewal over Peers
- Automatically Renewing the Key Binding Key
-
SignServer CloudHSM Integration Guide
- Multiple Crypto Tokens with AWS CloudHSM
- Create a CloudHSM Cluster
- Use OpenSSL to Validate the HSM
- Initialize the CloudHSM
- Assigning Security Group
- Configure the cloudhsm-client
- PKCS11 PIN
- Activate Cluster
- Create a CloudHSM Crypto User
- Create Keystore in HSM with ClientToolBox
- Test with EJBCA ClientToolBox
- Create CryptoToken in SignServer
- Restoring HSM Backup to New Instance
Assigning Security Group
The Cloud HSM initialization process creates a new Security Group as part of its install process. This Security Group needs to be added to the SignServer instance for the two to communicate.
To assign the security group to the SignServer instance, do the following:
- Select your SignServer Cloud Instance (or right click on it) and select: Networking > Change Security Groups.
- You will see a new security group that was generated from the CloudHSM install process. Select it and click Assign Security Group.
