A company issued SSL certificates to its users, and needs to ensure the private keys that are used to sign the certificates are encrypted. The company needs to be able to store the private keys and perform cryptographic signing operations in a secure environment.
Which service should be used to meet these requirements?

A. AWS CloudHSM
B. AWS KMS
C. AWS Certificate Manager
D. Amazon Connect