1. Overview This HowTo describes how to configure Rsignd service (PKI service) of WebADM on a PKCS11 cryptographic hardware security module (HSM). The objective is to involve the HSM for all CA signing operations and to increase the protection of the private key. This configuration is probably the most secure setup for a PKI service because the logical and physical access to the HSM is limited to one or few persons in a company.

1. Overview and Requirements RCDevs offer now an easy way to sign any documents at anytime to all third party signatories. OpenOTP signature is a solution which is deployed on premise or in the cloud. Integrate OpenOTP signature in your infrastructure will allow electronic signatures for your company users (LDAP users). If you want to extend your signature processes to external users (users not part of your LDAP directory/directories configured with your WebADM), you have to integrate OpenOTP with YumiSign platform which requires a YumiSign API Key configured in OpenOTP settings.