Managing system encryption keys

Venafi Trust Protection Platform™ maintains all system information—that is, configuration settings, managed server and certificate information, credentials, archived certificates and private keys—in a database. To secure this information, Trust Protection Platform uses either a software encryption key or a hardware encryption key on a supported HSM device to encrypt the information used to connect to the database.

To secure the encryption assets within the database, Trust Protection Platform also encrypts sensitive information such as certificate private keys, Credential objects, and SSH keys. Trust Protection Platform uses the encryption key to secure encryption assets within the database.