HSM E2E How-to?


I’m looking at a new Nextcloud deployment and am interested in deploying E2E encryption. I noticed several references to HSM support, but no concrete details beyond that on the feature. Looking for the next level of detail regarding which HSM platforms are supported, how to configure them, whether files or just user credentials are encrypted / decrypted / signed / verified / etc. by the HSM.

Basically trying to get a sense of the requirements and steps to implement / configure HSM support for server-side and E2E encryption. Searching for HSM in the official documents comes up with zero results, and the forum and/or google isn’t much better beyond feature announcements. Any pointers to anything practical?

Thanks in advance for the help,

Well, E2E is not fully implemented and working on all clients. Even the basic functions are not documented, the HSM support was announced for enterprise users. You better ask the nextcloud.com about it and its schedule for implementation.