Key Management

Reliable and Secure OpenStack Key Management.

What you’ll get

Users are able to seamlessly secure their data while maintaining its accessibility, without the burden of managing their keys personally. Through OpenStack’s key management service Barbican, user concerns over privacy or misuse of data are addressed.

Provides Secure Storage, Provisioning and Management of Secrets

OpenStack’s key management enables users to securely store and manage all of their most sensitive information.

Learn more

Integrates Seamlessly With All Other Offered Cloud Services

Make the most of key management through its compatibility with all of our available OpenStack cloud services.

Learn more

Integrates Easily With Third-Party HSMs Through PKCS#11

OpenStack’s key management service has the ability to interface with Hardware Security Modules using the PKCS#11 protocol.

Learn more

Provides Secure Storage, Provisioning and Management of Secrets

Employ OpenStack’s key management for all of your secret’s security, provisioning and management needs.

  • Plug-In Based Architecture

    This plugin architecture enables users to store their secrets in one or more secret stores. These secret stores can be software-based, meaning they can be in the form of a software token, or based in hardware devices such as a Hardware Security Module (HSM).

  • Storage & Management

    The secrets that can be stored and managed through OpenStack’s key management are passwords, encryption keys as well as X.509 certificates.

secure storage

Integrates Seamlessly With All Other Offered Cloud Services

Take advantage of key management’s uncomplicated integration with OpenStack’s enterprise grade cloud service offerings.

  • Block Storage

    Key management stores encryption keys for encrypted volumes through simplified integration with OpenStack’s block storage service.

  • Keystone

    Seamlessly integrates with OpenStack’s identity authentication service for complete role-based access control.

  • Image Storage

    Easily integrates with OpenStack’s image storage service for signed images, making it possible for users to verify that an uploaded image has not been tampered with.

  • Object Storage

    Key management enables the encryption of data at rest through integration with OpenStack’s object storage service.

integrates seamlessly

Integrates Easily With Third-Party HSMs Through PKCS#11

OpenStack’s key management enables users to integrate with third-party Hardware Security Modules (HSMs) through the PKCS#11 plug-in.

  • Optimal KEK

    Your secrets are encrypted and decrypted through project specific KEKs (Key Encryption Key) residing in your third-party HSM.

  • Increasingly Secure

    Because each project uses a different Key Encryption Key that is stored inside the selected HSM, as opposed to the plaintext within the configuration file, the PKCS#11 plugin is much more secure than the simple crypto plugin.

integrates easily

Take advantage of our expertise! VEXXHOST is OpenStack Certified.

Our cloud services contain OpenStack software that has been validated through testing to provide API compatibility for OpenStack core services.

Our infrastructure is currently running Stein — the latest OpenStack release.

Get Started With

Private Cloud

Latest Blog Posts & News