28 Integrating with MyID SecureVault

MyID SecureVault is a secure key archival module that allows you to store, generate, and recover private keys. MyID SecureVault integrates with MyID CMS to provide key storage and recovery, and also provides an API that allows you to integrate it with your own systems; you can use MyID SecureVault on the MyID CMS server, or as a standalone key archive.

Note: MyID SecureVault currently supports the generation, storage, and recovery of RSA 2048, 3072, and 4096 bit keys. You can import, store, and recover RSA 1024 bit keys. Currently, ECC keys are not supported.

MyID SecureVault is available as a separate product. See:

www.intercede.com/myid-product-suite/myid-secure-vault/

For more information, see:

• The MyID SecureVault guide.

  This guide is provided with the MyID SecureVault package and provides comprehensive instructions for installing, configuring, and using MyID SecureVault, including integrating it with MyID CMS.

• Diagrams containing an overview of the processes.

  See section 28.1, Overview.

• Details of configuring MyID SecureVault to use the same HSM as MyID CMS.

  See section 28.2, Using an HSM with MyID SecureVault.

• Details of setting up the external system to allow MyID CMS to integrate with MyID SecureVault.

  See section 28.3, Configuring the MyID SecureVault external system.

• Details of configuring certificate policies to use MyID SecureVault to archive its keys.

  See section 28.4, Configuring certificate policies to use MyID SecureVault.

• Information on importing certificates.

  You can use the MyID Core API to import a certificate; when you specify a certificate policy that you have configured to use MyID SecureVault, the private keys are securely stored in the MyID SecureVault key store.

  See the Importing certificates section in the MyID Core API guide for details.

• Information on recovering certificates.

  If you have imported or issued a certificate using a certificate policy that you have configured to use MyID SecureVault, you can subsequently recover the keys for that certificate.

  See section 18, Key recovery and the Requesting key recovery section in the MyID Core API guide for details

• A report on the number of keys archived in MyID SecureVault.

  See the SecureVault Usage report section in the MyID Operator Client guide.