---
title: Hardware security module providers
description: Configure PingAccess to use a hardware security module (HSM) to generate and store key pairs to be used in SSL/TLS cryptographic operations.
component: pingaccess
version: 9.0
page_id: pingaccess:pingaccess_user_interface_reference_guide:pa_hardware_security_module_providers
canonical_url: https://docs.pingidentity.com/pingaccess/9.0/pingaccess_user_interface_reference_guide/pa_hardware_security_module_providers.html
revdate: February 6, 2023
---

# Hardware security module providers

Configure PingAccess to use a hardware security module (HSM) *(tooltip: \<div class="paragraph">
\<p>A dedicated cryptographic processor designed to manage and protect digital keys. HSMs act as trust anchors that protect the cryptographic key lifecycle by securely managing, processing, and storing cryptographic keys inside a hardened, tamper-resistant device.\</p>
\</div>)* to generate and store key pairs to be used in SSL/TLS cryptographic operations.

PingAccess uses the HSM agent to direct the creation of new key pairs on the HSM. When you create a key pair, you can specify that it should be created on the HSM.

For more information, see the following topics:

* [Adding an AWS CloudHSM provider](pa_adding_an_aws_cloudhsm_provider.html)

* [Adding a Safenet Luna provider](pa_adding_a_safenet_luna_provider.html)

* [Editing an HSM provider](pa_editing_an_hsm_provider.html)

* [Deleting an HSM provider](pa_deleting_an_hsm_provider.html)