Archer-HSM Integration #603
Description
Problem Description:
This issue is to formally track the progress of the Archer-HSM integration initiative, which is critical for enabling secure and reliable connectivity between the Archer service and Hardware Security Module (HSM) devices. This integration will play a key role in supporting cryptographic operations required by various services.
Current Scope – Thales HSM Integration:
We are currently working with Thales HSM devices, which require port 1792 for LunaClient NTLS (Network Trust Link Service) communication between the source system and the HSM. However, since we are unable to modify ACLs or open firewall ports in the current environment, we have identified Archer as the optimal solution. Archer enables secure network injection into the customer network, effectively bypassing these constraints while ensuring secure connectivity.
In addition, the integration setup established for Thales HSM will provide a reusable foundation that can benefit other upcoming projects requiring HSM connectivity.
Future Scope – Utimaco HSM Integration:
Looking ahead, we anticipate the need to integrate with Utimaco HSM devices once they become available. At that stage, we will assess the specific connectivity and integration requirements and extend the current approach accordingly.