
Is it possible to get Google Cloud HSM device metadata?


When using a key stored inside Google Cloud HSM, is it possible to get the following metadata fields about the HSM hardware being used:

? When ordering a certificate from a CA, we are asked for these fields for regulatory reasons.


Solution

  • You can see the relevant information Google Cloud HSM makes available about key provenance at https://cloud.google.com/kms/docs/attest-key; you can download an attestation which will assert that the key is limited to an HSM. However, we do not make all the information you are requesting available (and the information specific to a particular HSM does not map well to our on-demand shared infrastructure model).

    Can you share the name of the Certificate Authority with these requirements? We'd be happy to approach them about accepting Cloud HSM keys.

    Thanks for using Google Cloud and Cloud HSM.