Is it possible to store the keys for intercepting TLS sessions in the Web Filter with an HSM device? I looked at the manuals and only found references to the FortiADC.
If it is possible would you mind answering these questions?
- Is the key transaction made once per TLS session, or at machine startup?
- Would you recommend against having a HSM centrally and connecting to it over the internet?
- Is there any other ways to protect the keys in remote locations?
Any reply is most appreciated!