Replies: 1 comment
-
See #35677, could you check version 2.8.0?
-
We are trying to use the "Azure Key Vault JCA client library for Java" for client authentication using RSA-HSM keys to other services that require HTTPS with mTLS. While everything works fine using RSA keys, RSA-HSM keys do not. I also verified that an RSA key that is not marked as exportable will work. I am using the Apache HttpClient library for the HTTPS part.
Is there some kind of "trick" that can be applied to make this work properly? Isn't the whole point of Key Vault to keep your keys in a safe place? Is "exporting" them over the network really keeping them in a safe place?
Or is there another solution for performing HTTPS/mTLS communication using Azure Key Vault RSA-HSM keys within an application deployed in Azure? Perhaps a different HTTPS variation in the Azure SDK for Java?
I see that there are these classes in the JCA library: com.azure.security.keyvault.jca.implementation.shaded.org.apache.http - Would switching to these alternative/parallel class libraries solve the issue? NOPE, this didn't work.
If none of the standard Java HttpsURLConnection or other common HTTPS libraries out there work, are there any bespoke https:// libraries out there that use Azure Key Vault crypto and keys for the client "S" parts?