AWS CloudHSM Implementation for The eSignature SaaS Provider – Greg Solutions
About The Client
The customer provides a platform for electronic legally binding signatures. To safely store private keys they needed to use a highly secure and HIPAA-compliant Hardware Secure Module (HSM) provided by Amazon (AWS CloudHSM). The deployment and configuration of the service, as well as the creation of properly secured private keys and integration of applications with HSM are not some easy tasks. Greg Solutions applied our extensive experience to support the customer every step of the way, starting from the configuration of CloudHSM till the generation of a proper CSR (certificate signing request) for the Cloud Authority (CA) and integration of the application with CloudHSM using the Client HSM daemon, HSM SDK and Java.
Multiple customers prefer eSign Genie over its competitors because of the wide array of useful features, such as API integration, bulk/mass signatures, template library & hierarchical security. Highly rated for its quality, ease of use, customer support and value for money, this tool made it to Top 20 Digital Signature Products on Capterra.
1. Deploy and configure AWS CloudHSM clusters for multiple environments to securely store private keys.
2. Pass the workflow of generating non-exportable private keys to retrieve a certificate from the certificate authority.
3. Enable the automation of document signatures using the Java and private keys from CloudHSM.
4. Provide comprehensive documentation and support for the client’s development team to help them migrate the system from the hardware HSM to AWS CloudHSM.
Implemented a Java Web API server that interacts with CloudHSM using PKCS 12 and helps to securely sign user documents.
Added Cloud HSM monitoring using AWS Cloud Watch