AWS KMS v2 CryptoToken Properties
For the version 2 AWS KMS CryptoToken implementation, use the following class:
CRYPTOTOKEN_IMPLEMENTATION_CLASS=com.czertainly.signserver.module.awskms.v2.AWSKMSCryptoToken
The following properties are available to be configured:
| Property | Description | Default Value | Mandatory |
|---|---|---|---|
| AWSKMS_REGION | AWM KMS region name, where the keys should reside. The proper authorization to the region and KMS must be set for the IAM user. For the list of all available regions, see the AWS KMS documentation. | NONE | YES |
| CERT_STORAGE_IMPLEMENTATION_CLASS | Implementation class for certificate storage. Certificates issued for assigned signing keys will be stored according the implementation provided. Each implementation may have additional properties that needs to be configured. | NONE See Certificate Storage Providers for more information. | YES |