Hardware Security Module
13.1
SafeNet HSMs
In order to set up SafeNet HSMs to work with IDENTIKEY Appliance, you need to set up the following components:
Software
The following software must be installed on the HSM:
Version 2.07 or higher of the SafeNet ProtectServer firmware
The following software must be installed on the machine on which HSM administration tasks will be carried out:
Network or PCI Access Provider v4.00
ProtectToolKit C Software Development Kit v4.00
Protect Processing Orange Software Development Kit v3.00
Administrator Account
The setup process requires administration privileges in at least one administration token and one user token on
the Hardware Security Module.
Firmware Module
There are two options
i
Unsigned Firmware Module
The unsigned VACMAN Controller Firmware Module file –
aal2sdk.fm
- should be copied to the machine on which
the HSM administration will take place. You will have to generate your own self-signed certificate to sign the
module before uploading the signed module into the HSM.
ii
Signed Firmware Module
The signed VACMAN Controller Firmware Module file –
aal2sdk.fm
– should be copied to the machine on which
the HSM administration will take place. The corresponding VASCO code signing certificate is required to upload
this signed module (
vascosigningcert.crt
).
13.1.1 Install Unsigned Hardware Security Module
1.
Install the Hardware Security Module, with the required drivers and libraries.
Caution
Ensure that the machine is restarted after the installation.
To install VACMAN Controller Firmware Module in the Hardware Security Module:
IDENTIKEY Appliance Installation and Maintenance
101
