Securden PAM Integration
Proceed according the Securden Unified PAM Administrator Guide, chapter "Store Encryption Keys on Securosys HSM", included in the Securden software distribution. The steps below are only a short extract and not complete!
Backup
Take a backup of the entire database along with the encryption key before starting the HSM configuration process.
- Stop the Securden PAM service on Primary and Secondary servers
- Configure the HSM details
- Navigate to
/<Securden installation folder>/binand executeConfigureHSM.exe - Provide the necessary details for the HSM connection and click
Configure(see screenshot below)
- Navigate to
| Provider name | HSM Provider selection: Securosys |
|---|---|
| DLL path | Path to the PKCS#11 provider library file |
| - Windows default | C:\Program Files\Securosys\Primus P11\primusP11.dll |
| - Linux default | /usr/local/primus/lib/libprimusP11.so |
| Slot ID or Token name | HSM user name (partition name) or alternatively PKCS#11 slot id where the Securden encryption key should be stored |
| PKCS#11 password | PKCS#11 password of the HSM partition |
| Encryption key label | Label of the Securden encryption key in the HSM |
