OpenSSL Dynamic Engine key types

The AWS CloudHSM OpenSSL Dynamic Engine supports the following key types.

Key Type	Description
EC	ECDSA sign/verify for P-256, P-384, and secp256k1 key types. To generate EC keys that are interoperable with the OpenSSL engine, see key generate-file.
RSA	RSA key generation for 2048, 3072, and 4096-bit keys.RSA sign/verify. Verification is offloaded to OpenSSL software.

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Installing the OpenSSL Dynamic Engine

Mechanisms