Prerequisites
Before starting the process of integrating the Securosys CloudHSM or on-premises Primus HSM with the PKCS#11 Engine Plugin, please make sure to fulfill all the necessary requirements listed below:
- Securosys PKCS#11 Provider v1.8.6 or newer
- Securosys CloudsHSM Service (HSM as a Service) or Securosys Primus HSM, firmware v2.8.21, v2.10.5 or newer with PKCS#11 API and Session Object support enabled.
Primus CloudsHSM or Primus HSM Setup and Configuration
Securosys CloudsHSM
Securosys CloudsHSM allows almost instant HSM operation by selecting and contracting the different services and options for your CyberArk Digital Vault For available service packages and options consult our website Securosys CloudsHSM Service and contact Securosys sales.
Ensure the PCKS#11 API is included and activated in you subscription.
Securosys Primus HSM (on-premises)
Consult Primus HSM PKCS#11 Provider User Guide - Primus HSM Configuration to setup the Primus HSM for PKCS#11 usage.
Ensure the PCKS#11 API is licensed and activated on your device.
For general on on-premises Primus HSM hardware, HA Cluster setup and operation in FIPS or Common Criteria certified modes, refer to the corresponding Primus HSM User Guide for details.
PKCS#11 Engine Plugin Essentials
To successfully integrate and configure the PKCS#11 Engine Plugin with Primus HSMs, several essential components and tools are required. Below is a list of the necessary software and resources you will need to set up the environment and ensure smooth operation.
- Windows 11
- Linux
-
Primus PKCS#11 Provider
You can find the download link & credentials here.
-
Microsoft Visual Studio
Download and install Microsoft Visual Studio from Microsoft.
-
OpenSC PKCS11-tool
Download and install OpenSC from the OpenSC GitHub repository.
-
OpenSSL
Download and install the OpenSSL for Windows installation package.
-
OpenSC PKCS#11 Wrapper Library
Download the code of the PKCS#11 wrapper library from the OpenSC/libp11 repository on GitHub.
This guide is based on the following setup to ensure consistency and proper functionality. By using the same configuration, you can follow along smoothly and avoid potential issues during the integration process.
Here are the components and tools used:
Software | Version |
---|---|
Primus HSM | 2.11 |
Primus PKCS#11 Provider | 2.2.2 (Windows 64-bit MSI installer) |
Microsoft Visual Studio | Visual Studio 2022 |
OpenSC PKCS11-tool | 0.25.1 (Windows 64-bit MSI installer) |
OpenSSL | 3.3.2 (Windows 64-bit MSI installer from Shinning Light Productions) |
OpenSC PKCS#11 Wrapper Library | libp11-0.4.12 |
The prerequisites for Linux-based systems will be added to this guide in the future. While we are working to provide these details, please note that it may take some time before they are fully available. We appreciate your patience and understanding as we continue to expand our documentation.