Can I install RSA Key Recovery Manager without a hardware security module (HSM)?
Originally Published: 2008-11-26
Article Number
Applies To
Redhat Linux Advanced Server 4.0
RSA Key Recovery Manager
Issue
Is it possible to install KRM without an HSM?
Resolution
It is mandatory to use an HSM to do key recovery as the recovery process implies that
1. The private key which should be owned by an end user will now also resides somewhere else, on the HSM
2. That private key can be retrieved by someone which is not the owner, the Key Recovery Operators
Because of those two concepts, the private key must be stored in the most secure way and be also recovered in a secure manner, which the HSM provides.
We do support nCipher nShield and netHSM, and also any PKCS #11-compliant HSM, including the nCipher P11 library. RSA has tested Key Recovery Manager with Safenet Luna SA.
Related Articles
How to factory reset an RSA Authentication Manager 8.x hardware appliance without a factory reset button from the Operatio… Number of Views How to install RSA Identity Governance and Lifecycle 7.0.x hotfix on a hardware or software appliance Number of Views Locally Install an Original System Image on a Hardware Appliance Number of Views 'An unexpected JavaScript error (Unterminated string constant)' when installing Key Recovery Manager Number of Views Keys stored in nCipher HSM are marked as nonrecoverable even if 'enable key recovery' is set Number of Views
Trending Articles
Connection fails to Cloud Authentication Service when connecting through a proxy server from RSA Authentication Manager to… Downloading RSA Authentication Manager license files or RSA Software token seed records Unable to login to RSA Authentication Manager Security Console as super admin RSA Authentication Manager 8.9 Release Notes (January 2026) How to manipulate imported RSA SecurID Software Token(s) on an iPhone or iPad device
Don't see what you're looking for?
