About the integration
This guide provides an integration guide explaining how to integrate Utimaco SecurityServer Hardware Security Module (HSM) with Bind9. Utimaco HSM securely generates and stores the KSK and ZSK keys required by bind9 to sign the zone files.
BIND9
BIND9 is an open-source DNS server software used for secure DNS services. It supports DNSSEC, dynamic updates, zone transfers, and load. The Berkeley Internet Name Domain (BIND) software implements a domain name server for several operating systems. BIND 9 can be configured as an authoritative name server, a resolver, and, on supported hosts, a stub resolver. While large operators usually dedicate DNS servers to a single function per system, smaller operators will find that BIND 9’s flexible configuration features support multiple functions, such as a single DNS server acting as both an authoritative name server and a resolver.
UTIMACO CryptoServer HSM
CryptoServer is a hardware security module developed by UTIMACO IS GmbH. CryptoServer is a physically protected specialized computer unit designed to perform sensitive cryptographic tasks and to securely manage as well as store cryptographic keys and data. It can be used as a universal, independent security component for heterogeneous computer systems.
