Key Store Management

Steps to create, manage, and delete Key Stores.

Creating Key Stores

The steps to create a Key Store depend on the type, as shown in the following table.

Only users with a Security Administrator privileges can create Key Stores.

Key Store Type	Steps to Create Key Store
PKCS #11	Configuring the ESA with HSMs supporting PKCS #11 Interface Configuring the ESA with Thales Luna HSM Configuring the ESA with Thales DPoD HSM
AWS KMS	Configuring the ESA with AWS KMS
Google Cloud KMS	Configuring the ESA with Google Cloud KMS
Azure Key Vault Managed HSM	Configuring the ESA with Azure Key Vault Managed HSM

Managing Key Stores

A user with Security Administrator privileges can fully modify Key Stores after they have been created. However, a user with Security Viewer privileges cannot modify Key Stores.

Deleting Key Stores

Only a user with Security Administrator privileges can delete Key Stores. However, an active Key Store cannot be deleted. Also, the default Protegrity Soft HSM cannot be deleted.

To remove a Key Store:

On the ESA Web UI, navigate to Key Management > Key Stores.
The Key Stores tab appears.
Select the name of a key store from the list, and click the Delete action.
A confirmation dialog box appears.
Click OK.
A message Key Store has been deleted successfully appears.