A Vault swiss-army knife: A CLI tool to init, unseal and configure Vault (auth methods, secret engines).

A simple SSL/TLS proxy with mutual authentication for securing non-TLS services.

Go implementation of the keyless protocol

pkcs11 wrapper for Go

Signatory - A Tezos Remote Signer for signing block-chain operations with private keys using YubiHSM, AWS, GCP, Ledger's or Azure Key Vault

SSH CA Client/Server

A simple service for interacting with an HSM or other PKCS#11 device.

🔐 step plugin to manage keys and certificates on a cloud KMSs and HSMs

An implementation of the Enrollment over Secure Transport (EST) certificate enrollment protocol

Lustre HSM tools

The Vault HSM PKI plugin overlays the modifications to the builtin PKI plugin that enable support for certificate signing using a Hardware Security Module via PKCS#11.

🔐 Wrap keys from HSM using CKM_RSA_AES_KEY_WRAP step by step

Go library for creating pkcs11 modules

Go PKCS#11 helper module for certificate signing using HSMs.

This is a plugin for HashiCorp Vault that implements storing data objects into HSM devices using PKCS#11

HashiCorp Vault Community Edition for REST-based Securosys HSM and CloudsHSM integration with enhanced features (multi-authorization).

Use S3 storage as a HSM for dCache

AWS Process Credentials for Trusted Platform Module (TPM)

AWS Process Credentials for Hardware Security Module (HSM) with PKCS11

HashiCorp Vault Secrets Engine plugin for REST-based Securosys HSM and CloudsHSM integration with enhanced features (ECIES, multi-authorization).