Prerequisites

Before integrating Securosys CloudHSM or on-premises Primus HSM with HashiCorp Vault Enterprise, please make sure to fulfill all the necessary requirements listed below on a machine with an existing HashiCorp Vault Enterprise environment.

• Securosys PKCS#11 Provider v1.8.6 or newer,
• Securosys Hardware Security Module (HSM)
  • CloudHSM (HSM as a Service) or
  • On-premises Primus HSM, firmware v2.8.21 or newer, with PKCS#11 API.

HashiCorp Vault Enterprise

This guide assumes that HashiCorp Vault with Vault Enterprise Plus license is already downloaded and installed on your host machine.

For more details on the installation and configuration, please consult the HashiCorp Vault Documentation.

Hardware Security Module (HSM)

To meet your security and operational needs, you will require a Hardware Security Module (HSM), available either as a cloud service or as an on-premises device.

Cloud

Securosys CloudHSM offers near-instant Hardware Security Module (HSM) operation by allowing you to select and subscribe to a variety of services and options tailored to your needs.

• Subscribe online (Free trial available)
• Contact sales.

On-premises

For on-premises Primus HSM hardware, including High Availability Cluster setup and operation in FIPS or Common Criteria certified modes:

• Browse the Primus HSM User Guide (account required)
• or contact sales.

tip

Ensure the PCKS#11 API is licensed and activated on your HSM device.