On May 29, 2007, at 11:36 PM, Apache Devel wrote:

I'd like to start a discussion about Hardware Security Module (HSM) support for mod_ssl. You may know that OpenSSL supports different HW engines. There is also support for PKCS#11 devices, a standard for communication with crypto devices - e.g. HSMs or Smartcards. Some HSM vendors support mod_ssl and their HSM with a modified OpenSSL/mod_ssl version. But support is limited to 1.3.X versions of Apache as far as we know.

That's not entirely correct. Apache 2.0.x has experimental support for hardware crypto engines, and in Apache 2.2 that support is no longer experimental.

I agree though that Apache tends to think of certificates and keys very much as PEM files on disk and not really anything else, which stands in the way of working with HSMs in general. Even with that limitation, HSM support works with Apache for instance with nCipher's nShield and netHSM products (Disclosure: I work for nCipher).

There seems to be no standard interface for mod_ssl with HSM support for private key protection and operations. We decided to extend mod_ssl for usage with an HSM. We have a first prototype ("prealpha") with limited functionality now.

That sounds interesting. I think it is a good idea that mod_ssl grow capabilities to deal with key material other than PEM files on disk.

The limitations:
- Supports only one virtual host

That would probably be a necessity.

- Supports no keys from files at the moment

Meaning you completely hacked that out, or just not in conjunction with HSM-contained keys? We obviously couldn't do without the default PEM-files-on-disk case.

- Loads HSM PIN from the OpenSSL.cnf file (No handler implemented at the moment)

We *have* the passphrase dialog implementation for encrypted key files... could we leverage that to make the server ask for passphrases or PINs for HSM keys? That would not only benefit the P11 case, but also the existing CHIL support for the nCipher HSMs.

- Certificate comes from file (not really a limitation...)

Technically not, since the certificate is not sensitive data, but it could present problems from a management point of view. If you have multiple SSL hosts, how do you keep a particular certificate and its key together, and how would your successor or the remote hands guy in the data center at 3AM work that?

What it does:
- Private key is no longer in a file, it's in the secure HSM store
- Private key operations are processed on the HSM

Which is where we want them.  Awesome.

Did you intend to submit your patch for inclusion in the Apache code? Care to post some code so we can discuss it? It'd be easiest to discuss if you generated a patch against the Apache development trunk <http://svn.apache.org/repos/asf/httpd/httpd/trunk> instead of 2.2.

Regards,

Sander

--
Sander Temme
PGP FP: 51B4 8727 466A 0BC3 69F4  B7B8 B2BE BC40 1529 24AF
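The thread above turns on two design questions: how a server names key material that is not a PEM file on disk, and how a certificate file stays paired with a private key that lives inside a token (the "remote hands at 3AM" problem), plus where the PIN comes from. The following is an added example, not code from this thread, from the prototype discussed, or from Apache httpd. It parses PKCS#11 URIs as defined in RFC 7512 (the scheme that later became the common way to reference HSM objects), distinguishes such a reference from a filesystem path, checks that a certificate URI and a key URI point at the same token and object id, and resolves the PIN from a `pin-value` or `pin-source` attribute or, failing those, from a caller-supplied prompt callback. Pairing certificate and key by equal `id` (CKA_ID) is an assumption about tooling convention, not something the thread states; the URIs and the PIN file path in the sample are constructed.

```python
"""Parse RFC 7512 PKCS#11 URIs and resolve non-file key references.

Added example for the mod_ssl/HSM discussion; not project code.
"""
from urllib.parse import unquote, unquote_to_bytes

PKCS11_SCHEME = "pkcs11:"

# Path attributes that identify the token itself (RFC 7512 section 2.3).
TOKEN_ATTRS = ("token", "serial", "manufacturer", "model")


def _parse_attrs(part, sep):
    """Split 'name=value' pairs on `sep`; values are percent-encoded."""
    attrs = {}
    if not part:
        return attrs
    for item in part.split(sep):
        name, eq, value = item.partition("=")
        if not eq or not name:
            raise ValueError("malformed attribute: %r" % item)
        if name in attrs:
            # RFC 7512: each standard attribute may appear at most once.
            raise ValueError("duplicate attribute: %s" % name)
        # 'id' is CKA_ID, an opaque byte string; keep it as bytes.
        attrs[name] = unquote_to_bytes(value) if name == "id" else unquote(value)
    return attrs


def parse_pkcs11_uri(uri):
    """pkcs11:<path-attr>[;...][?<query-attr>[&...]] -> {'path': {...}, 'query': {...}}"""
    if not uri.startswith(PKCS11_SCHEME):
        raise ValueError("not a PKCS#11 URI: %r" % uri)
    body = uri[len(PKCS11_SCHEME):]
    path_part, _, query_part = body.partition("?")
    return {"path": _parse_attrs(path_part, ";"),
            "query": _parse_attrs(query_part, "&")}


def classify_key_location(value):
    """A key/cert directive value is either a token reference or a file path."""
    if value.startswith(PKCS11_SCHEME):
        return ("pkcs11", parse_pkcs11_uri(value))
    return ("file", value)


def same_token_and_id(cert_uri, key_uri):
    """True if both URIs name the same token and carry the same CKA_ID.

    Assumption (tooling convention, not from the thread): a certificate and
    its private key are paired by giving both objects the same id.
    """
    c, k = parse_pkcs11_uri(cert_uri)["path"], parse_pkcs11_uri(key_uri)["path"]
    if "id" not in c or "id" not in k or c["id"] != k["id"]:
        return False
    for attr in TOKEN_ATTRS:
        if attr in c and attr in k and c[attr] != k[attr]:
            return False
    return True


def resolve_pin(parsed, prompt, read_file=None):
    """Resolve the token PIN for a parsed URI.

    Order: pin-value (PIN embedded in config, the weak option), then
    pin-source (a file:path or plain path, read via `read_file`), then the
    interactive `prompt` callback, analogous to mod_ssl's passphrase dialog.
    """
    query = parsed["query"]
    if "pin-value" in query:
        return query["pin-value"]
    source = query.get("pin-source")
    if source:
        path = source[len("file:"):] if source.startswith("file:") else source
        if read_file is None:
            def read_file(p):
                with open(p) as fh:
                    return fh.read()
        return read_file(path).strip()
    return prompt()


if __name__ == "__main__":
    # Constructed sample: a web server key and its certificate on one token.
    KEY = "pkcs11:token=Web%20Server;object=www-key;id=%01%02;type=private?pin-source=file:/etc/apache2/hsm.pin"
    CERT = "pkcs11:token=Web%20Server;object=www-cert;id=%01%02;type=cert"
    kind, ref = classify_key_location(KEY)
    print(kind, ref["path"]["token"], ref["path"]["id"].hex())
    print("paired:", same_token_and_id(CERT, KEY))
    print("pin:", resolve_pin(ref, prompt=lambda: "from-prompt",
                              read_file=lambda p: "1234\n"))
```

Running the module prints the token name and hex id, confirms the pairing, and shows the PIN coming from the (stubbed) `pin-source` file rather than from a value in the configuration.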


