STET with Fortranix DSM
Closed this issue · 2 comments
Hi,
I have been trying to use STET with Fortranix DSM. I followed this page: https://support.fortanix.com/hc/en-us/articles/360030816111-Using-Fortanix-Data-Security-Manager-with-Google-Cloud-EKM-Interface and everything seemed to be correctly configured. However, I am getting and error "Error initializing TLS secure session: non-OK status returned: 404 NotFound - {"code":5, "message":"Invalid API path"}.
I was not able to find a solution for this issue and had a hard time figuring out where is this API path set. Could you please help me with this?
Thank you,
Lena Jokanovic
Hi Lena,
In order to securely bind requests to the system attestations, an additional protocol (in addition to the EKM protocol) needs to be implemented by external key managers to support STET. The first EKM partner to support this protocol is Thales Ciphertrust, with other EKM partners to come (see here for more).
At this time, Fortanix DSM has not released a version that includes such support. You will need to contact Fortanix if you would like to learn more about their plans or timelines for providing this feature.
We can look into making the error message more clear for cases where the external key manager does not support this protocol.
Thanks for your interest!
Keith
Hi Keith,
Thank you very much for your quick response!
Best wishes,
Lena