--- title: "Can I use a proxy with Fortanix Data Security Manager?" slug: "can-i-use-a-proxy-with-fortanix-data-security-manager" updated: 2024-05-30T15:07:56Z published: 2024-05-30T15:07:56Z --- > ## Documentation Index > Fetch the complete documentation index at: https://support.fortanix.com/llms.txt > Use this file to discover all available pages before exploring further. # Can I use a proxy with Fortanix Data Security Manager? Proxies that do not intercept secure TLS connections, can be used without issues. This may include HTTP proxies that support the CONNECT method. The Fortanix-Data-Security-Manager (DSM) architecture ensures that sensitive information is always encrypted in transit (using TLS), and on the server-side, while stored and in use (using Fortanix Runtime Encryption® technology). A proxy that does intercept secure TLS connections and decrypts the TLS traffic in transit would potentially expose key material and sensitive plaintext. Therefore, proxies should not be configured to intercept TLS connections with a Certification Authority that is trusted by the client. Configuring such unsupported Proxies with Fortanix DSM results in the following limitations: - Sensitive data may be leaked: - Data, such as the input to encrypt, sign and verify operations, and the output to decrypt operations. - Imported and exported key material. - Credentials - No support from Fortanix: - The Fortanix Quality Assurance team does not test software releases with TLS-intercepting proxy configuration, including releases providing urgent security updates. - The Fortanix Customer Success team cannot help in designing or configuring a system that includes a TLS-intercepting proxy. - The current or future functionality of Fortanix DSM may be degraded or non-functional, including but not limited to: - Audit logs will show an incorrect source IP address. - Apps cannot use certificate-based authentication (mutual TLS), including KMIP. Fortanix Data Security Manager (DSM) is the world’s first cloud service secured with Intel® SGX. With Fortanix DSM, you can securely generate, store, and use cryptographic keys and certificates, as well as other secrets such as passwords, API keys, tokens, or any blob of data. Your business-critical applications and containers can integrate with Fortanix DSM using legacy cryptographic interfaces (PKCS#11, CNG, and JCE) or using the native Fortanix DSM RESTful interface. Fortanix Data Security Manager (DSM) is the world’s first cloud service secured with Intel® SGX. With Fortanix DSM, you can securely generate, store, and use cryptographic keys and certificates, as well as other secrets such as passwords, API keys, tokens, or any blob of data. Your business-critical applications and containers can integrate with Fortanix DSM using legacy cryptographic interfaces (PKCS#11, CNG, and JCE) or using the native Fortanix DSM RESTful interface. ## Related - [How does Fortanix DSM SaaS Work?](/how-does-fortanix-dsm-saas-work.md) - [Fortanix DSM for Secrets Injection in OpenShift](/fortanix-dsm-for-secrets-injection-in-kubernetes.md) - [Authentication - App and User](/fortanix-dsm-authentication-app-and-user.md)