appreciate if you could help me with this topic. Is there a way to support HSMs for SLS key generation? Are there best practice guides about how to protect the SLS-UserCA in a best way? Maybe there are existing guides dealing with this issues. Thanks a lot.