Hi,
Just reviving this conversation again to get some clarity.
Currently, from what I understand from the discussion so far is -
- Mender Client supports offloading the TLS and storing the mender-private.pem inside an HSM.
- Securing IoT software deployments with Mender and NXP EdgeLock™ SE050 talks about this, and I was able to follow the instructions similarly with another HSM vendor, and it worked as expected. From what I understood, even softHSM would work as well.
My question is about securely storing the server side keys and offloading server side connections to an HSM as well.
Is this currently supported at all ? And if it is, is it only on Mender Enterprise ?