Hello,
We would like to use the HSM 2 nitrokey for TLS authentication on the server side developed in JAVA. The server currently has the ability to have multiple authority certificates stored in a PKCS12 truststore. These certificates can sign multiple “server” (served according to Client Hello SNI) and “client” certificates. “Server” certificates are stored in a PKCS12 KeyStore. We want to replace the PKCS12 by the use of a smartcard (PKCS11 with Nitrokey HSM 2 for example).
My questions:
Is it possible to use nitrokey for the management of TLS authentication and encryption?
How many x509 certificates with their associated private key can we store (Like the entries of a truststore / Keystore PKCS12)?
Thank you