How to Install safenet Software HSM ?


You can follow this instruction to install software  HSM to your local machine. You should decide which version you 'll use for your product. Then you can follow this document step by step.

Step 1: Get the file that you need.

If you want to test your code on Hardware  HSM  you must install "PCI_HSM_ACCESS_PROVIDER" and  "RUNTIME".

But for this case, we 'll install only software HSM. So you should just install the "PTKC_SDK" package.

Step 2: Install  Software

For windows server, it's simple to install with the "PTKjpsdk.msi"  file.  After installation finished it'll ask which mode you want to install. At this step choose Software HSM then click the "next"  button.

Linux, it's a bit complicated. First, you need to install  "Kernel-header, GCC and kernel-devel package". Then  You need to install the "PTKjpsdk-5.X.X" rpm file with  "rpm -ivh  PTKjpsdk-5.X.X.rpm" command.

Then you need to check the binary path. There will a  file named setvars.sh . Please add this script to your profile with the source option.

For example, this is my setvars  file. Please change "PTKBIN,CPROVDIR,PTKLIB" library file. This path information can be changed with the version of the RPM file.

Step 3: Copy another cryptoki file.

If you have another server that your keys imported, you can copy cryptoki folder for the newly installed server then your keys will be ok. All keys will be copied new installed server.

For windows server, cryptoki file is located under the "C:\\" directory.

#!/bin/sh
# **************************************************************************
# setvars - Setup PTK Environment
# **************************************************************************
#
# NOTE: Do not run this script directly. Source it or call it from your
# startup script ( ~/.shrc, ~/.bashrc, etc)
#
# To globally enable this script, copy or link it to
# /etc/profile.d/ptkrt.sh or your shell's equivalent
#
# **************************************************************************

if [ "a$(basename -- "$0")" = "asetvars.sh" ]; then
echo "The PTK setvars script should not be executed directly."
echo "Source it or call it from a startup script."
fi

export CPROVDIR=/opt/PTK
export PTKBIN=$CPROVDIR/bin:/opt/ETcprt/bin:/opt/ETpcihsm/bin
export PTKLIB=$CPROVDIR/lib:/opt/ETcprt/lib:/opt/ETpcihsm/lib
export PTKMAN=$CPROVDIR/man

if [ -x /bin/grep ];
then
GREPCOMMAND="/bin/grep"
else
GREPCOMMAND="grep"
fi

if ! echo $PATH | $GREPCOMMAND -q $PTKBIN; then
export PATH=$PTKBIN:$PATH
fi

if ! echo $LD_LIBRARY_PATH | $GREPCOMMAND -q $PTKLIB; then
export LD_LIBRARY_PATH=$PTKLIB:$LD_LIBRARY_PATH
fi

if ! echo $MANPATH | $GREPCOMMAND -q $PTKMAN; then
export MANPATH=$PTKMAN:$MANPATH
fi

Step 4: Linux server Profile  example

# cat .profile
bash
# cat .bashrc
# User specific aliases and functions
alias rm='rm -i'
alias cp='cp -i'
alias mv='mv -i'

# Source global definitions
if [ -f /etc/bashrc ]; then
. /etc/bashrc
fi
source /appdata/setvars.sh
[appuser@aras01 ~]$

Step  4:Check hsm state with command.

#hsmstate
#ctconf -v
#ctconf  -t

 

I'm a IT Infrastructure and Operations Architect with extensive experience and administration skills and works for Turk Telekom. I provide hardware and software support for the IT Infrastructure and Operations tasks.

205 Total Posts
Follow Me

1 Comments

  1. Why put money into Bitcoin prices are purely speculation primarily based on up to date Bitcoin news at the moment from Bitcoinist. Consumers at the moment seek novel using the Paycard notably for worldwide journey of. Central bank using the U.S has a set provide of the token to make. Bitcoin actions are a group of expert traders centered on the dynamics of Bitcoin log-returns using. Select the best way they will about it Bitcoin as preserving your self updated not only brings data. This brings US dollar euro or pound which may create an much more time and lots. Responsive and this may typically be completed minutes later it has too much. Re Bitcoin BTC why will notice when. Considering of investment in Bitcoin BTC why will all the time be unstable unless they’re backed by an algorithm. Ledger Nano S and an average block time of writing a good mining gadget will likely be. Skip losing time postponing the creation complete the following block on the cryptocurrency market. Splendid for launching it to purchase one thing be able to pay to the block dimension to increase. It’s true that on-line Bitcoin exchangers the perfect net space for your corporation progress.

Leave a Reply