Dear Aspose Support Team,
I am writing to inquire about the feasibility of signing documents using an AATL member certificate, which is securely stored in an Azure Key Vault HSM (Hardware Security Module). Specifically, I would like to know if your API or service can support signing operations using a certificate retrieved from Azure Key Vault’s HSM.
Could you kindly confirm if this is possible, and if so, provide guidance or documentation on how to implement this functionality within your platform? Any assistance or insights would be greatly appreciated.
@TryMohan I do not have experience with Azure Key Vault HSM. But according to the following answer in StackOverflow:
https://stackoverflow.com/questions/37033073/how-can-i-create-an-x509certificate2-object-from-an-azure-key-vault-keybundle
You can create a certificate from Secret entity’s value. So, theoretically, you can try using the following code to create certificate holder and use it for document signing:
SecretBundle certificatePrivateKeySecretBundle =
await keyVaultClient.GetSecretAsync(certificateIdentifierSecretPart);
byte[] privateKeyBytes = Convert.FromBase64String(certificatePrivateKeySecretBundle.Value);
CertificateHolder holder = CertificateHolder.Create(privateKeyBytes, "");
//..............................