HSM Pro/Ent only

This guide describes how to connect the CipherMail Email Encryption Gateway to a Hardware Security Module. Like any system that uses private keys, the gateway must protect sensitive key material. CipherMail stores all configuration, including keys and certificates, in a database. Keeping everything in one place simplifies backups, clustering, and failover.

Even though sensitive data such as private keys is encrypted with a configurable password, anyone who gains access to both the database and the system password could potentially retrieve the keys. This is not unique to CipherMail. Any application that uses private keys without specialized hardware faces the same risk. For that reason, database access must be restricted to authorized personnel, and system backups should always be protected with a strong password.

To ensure private keys can never be copied, even with full physical access to the system, you can use a Hardware Security Module. An HSM is essentially a high-assurance smart card: it generates private keys on the device and stores them in tamper-resistant hardware. HSMs also provide additional security features such as a secure random number generator. For environments requiring FIPS 140 level 2 or higher, an HSM is mandatory because the standard requires physical security controls.

CipherMail Gateway with HSM

HSMs from the following vendors are supported:

Please contact us if you need to integrate an HSM with CipherMail.