Y
Hacker News
new
|
ask
|
show
|
jobs
by
erkkie
2957 days ago
You do not store certificates on an HSM, you generate the private key on it and use that to sign things. Certificates that end up in actual use are further many chains removed from the root keys.