Prerequisites

Before starting the process of integrating the Securosys CloudHSM or on-premises Primus HSM with the PKCS#11 Engine Plugin, please make sure to fulfill all the necessary requirements listed below:

• Securosys PKCS#11 Provider v1.8.6 or newer
• Securosys CloudsHSM Service (HSM as a Service) or Securosys Primus HSM, firmware v2.8.21, v2.10.5 or newer with PKCS#11 API and Session Object support enabled.

Primus CloudsHSM or Primus HSM Setup and Configuration

Securosys CloudsHSM

Securosys CloudsHSM allows almost instant HSM operation by selecting and contracting the different services and options for your CyberArk Digital Vault For available service packages and options consult our website Securosys CloudsHSM Service and contact Securosys sales.

warning

Ensure the PCKS#11 API is included and activated in you subscription.

Securosys Primus HSM (on-premises)

Consult Primus HSM PKCS#11 Provider User Guide - Primus HSM Configuration to setup the Primus HSM for PKCS#11 usage.

warning

Ensure the PCKS#11 API is licensed and activated on your device.

For general on on-premises Primus HSM hardware, HA Cluster setup and operation in FIPS or Common Criteria certified modes, refer to the corresponding Primus HSM User Guide for details.

PKCS#11 Engine Plugin Essentials

To successfully integrate and configure the PKCS#11 Engine Plugin with Primus HSMs, several essential components and tools are required. Below is a list of the necessary software and resources you will need to set up the environment and ensure smooth operation.

Windows 11

• Primus PKCS#11 Provider

  You can find the download link & credentials here.

• Microsoft Visual Studio

  Download and install Microsoft Visual Studio from Microsoft.

• OpenSC PKCS11-tool

  Download and install OpenSC from the OpenSC GitHub repository.

• OpenSSL

  Download and install the OpenSSL for Windows installation package.

• OpenSC PKCS#11 Wrapper Library

  Download the code of the PKCS#11 wrapper library from the OpenSC/libp11 repository on GitHub.

note

This guide is based on the following setup to ensure consistency and proper functionality. By using the same configuration, you can follow along smoothly and avoid potential issues during the integration process.

Here are the components and tools used:

Software	Version
Primus HSM	2.11
Primus PKCS#11 Provider	2.2.2 (Windows 64-bit MSI installer)
Microsoft Visual Studio	Visual Studio 2022
OpenSC PKCS11-tool	0.25.1 (Windows 64-bit MSI installer)
OpenSSL	3.3.2 (Windows 64-bit MSI installer from Shinning Light Productions)
OpenSC PKCS#11 Wrapper Library	libp11-0.4.12

Linux

The prerequisites for Linux-based systems will be added to this guide in the future. While we are working to provide these details, please note that it may take some time before they are fully available. We appreciate your patience and understanding as we continue to expand our documentation.