Introduction

Microsoft 365 (previously called Microsoft Office) is a productivity suite for Microsoft Windows which permits users to digitally sign documents. Entrust nShield Time Stamp Option Pack (TSOP) is a time stamp appliance rooted in FIPS and Common Criteria certified nShield Hardware Security Modules (HSM). This document describes the integration of Microsoft 365 with the Entrust time stamp appliance (TSS).

Product configuration

Entrust has successfully tested the nShield TSS integration with Office 365 in the following configuration:

TSS server

Product	Version
OS	Windows Server 2025

Client

Product	Version
OS	Windows 11
Microsoft 365	Office Professional Plus 2021

Product

Version

Windows 11

Microsoft 365

Office Professional Plus 2021

Supported nShield hardware and software versions

Entrust successfully tested with the following nShield hardware and software versions:

Product	Security World	TSOP	Firmware
nShield Solo XC	13.6.12	8.1.0	12.72.4 (FIPS 140-2 certified)

Product

Security World

TSOP

Firmware

nShield Solo XC

13.6.12

8.1.0

12.72.4 (FIPS 140-2 certified)

Requirements

Knowledge of your organization Certificate Practices Statement and a Security Policy / Procedure in place covering administration of the HSM.
Access to the Entrust TrustedCare Portal for downloads and support.
An Entrust nShield Solo XC HSM.
A dedicated Windows server.

Familiarize yourself with the nShield Documentation.

The importance of a correct quorum for the Administrator Card Set (ACS).
Whether Operator Card Set (OCS) protection or Softcard protection is required.
If OCS protection is to be used, a 1-of-N quorum must be used.
Whether your Security World must comply with FIPS 140 Level 3 or Common Criteria standards. If using FIPS 140 Level 3, it is advisable to create an OCS for FIPS authorization. For more information see FIPS 140 Level 3 compliance.
Whether to instantiate the Security World as recoverable or not.