📄️ Creating an Example External Key Store in AWS KMS
To perform the following steps, please refer to the AWS Key Management Service (AWS KMS) console at https://console.aws.amazon.com/kms. Ensure that you select the appropriate region in which you previously created the VPC. For example, choose "eu-central-1" (Frankfurt) in the top-right corner.
📄️ Encrypt/Decrypt
As an example we will be performing the operations of encryption and decryption, which are elaborated in the AWS documentation. To execute these operations, it is necessary to establish a connection with our EC2 instance, as described in the preceding step, and deploy the Securosys XKS Proxy. For this purpose, the following commands are recommended:
📄️ Example .jks file generation
The .jks domain file is required for the Securosys XKS proxy to authenticate to your domain. To correctly configure the Securosys XKS proxy a path to the .jks file must be adapted in the application.yaml file, see parameter ssl: key-store in chapter 3.2Securosys XKS proxy configuration.