Prerequisites
Before starting the process of integrating the Securosys CloudHSM or on-premises Primus HSM with HashiCorp Vault Enterprise Edition, please make sure to fulfill all the necessary requirements listed below on a machine with an existing HashiCorp Vault Enterprise Edition environment.
- Securosys PKCS#11 Provider v1.8.6 or newer,
- Securosys CloudHSM Service (HSM as a Service) or
Securosys Primus HSM, firmware v2.8.21 or newer
with PKCS#11 API.
HashiCorp Vault Enterprise Edition Installation
This guide assumes that HashiCorp Vault with Vault Enterprise Plus license is already downloaded and installed on your host machine.
Please consult the HashiCorp Vault Enterprise Documentation for more details on the installation and configuration of HashiCorp Vault Enterprise.
CloudHSM or Primus HSM Setup and Configuration
- Securosys CloudHSM
- Securosys Primus HSM (on-premises)
Securosys CloudHSM allows almost instant HSM operation by selecting and contracting the different services and options. For available service packages and options consult the service description or contact sales.
Ensure the PKCS#11 API is included and activated in your subscription.
For general on-premises Primus HSM hardware, HA Cluster setup and operation in FIPS or Common Criteria certified modes, refer to the corresponding Primus HSM User Guide (account required) for details.
Ensure the PCKS#11 API is licensed and activated on your HSM device.