Cryptographic hardware concepts
WebSEAL uses GSKit for SSL communication and key management to provide interface support for cryptographic hardware.
Cryptographic hardware can provide one or both of the following features:
- Accelerated and secure SSL encryption and decryption tasks for performance improvements during multiple online transactions
- Accelerated and secure digital certificate key storage and management for highly secure architecture during online transactions
Hardware cryptographic acceleration and key storage apply to the following WebSEAL connections:
- Browser to WebSEAL
- WebSEAL to back-end junctioned server
The following product functions or features do not currently support cryptographic hardware integration:
- Symmetric key operations (including key storage), such as eCSSO, CDSSO, LTPA, and any other SSL connections.
- Any cryptographic operations (including certificate and key storage) completed with SSL configured between the ISAM directory client and directory server.
- Any cryptographic operations (including certificate and key storage) completed when Security Verify Access components communicate as part of the authorization database management (pdadmin or database replication).
- Any cryptographic operations (including certificate and key storage) completed with SSL configured between WebSEAL and the ISAM session management server.
Parent topic: Cryptographic hardware for encryption and key storage