O'Reilly logo

Windows Server® 2008 PKI and Certificate Security by Brian Komar

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Hardware Security Modules

Hardware security modules allow you to increase the protection of the CA’s private key to meet Federal Information Processing Standard (FIPS) 140-2 level 2 and level 3 security. A FIPS 140-2 level 3 device protects the CA’s private key by providing two features:

  • The cryptographic device is tamper evident. The cryptographic store within an HSM is typically coated with an epoxy layer, so that any attempts to access the cryptographic store is indicated in the epoxy layer.

  • If an attempt to compromise the cryptographic store on the HSM takes place, the data stored on the cryptographic store—namely the private key—is destroyed, which protects the private key from compromise.

Note

The FIPS 140-2 document that defines the security ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required