Skip to main content

Primus HSM PKCS#11 Provider

Download the Primus HSM PKCS#11 Provider and follow the Primus HSM PKCS#11 Provider Installation process to install and configure the Primus PKCS#11 Provider on the HashiCorp Vault Enterprise Edition machines.

info

Consult Primus PKCS#11 User Guide - Configuration for alternative configuration file locations.

Check HSM Connectivity

Ensure that you have HSM connectivity using the command ppin --test, and note the slot id (to be used in Vault configuration). Example:

ppin --test

Load config file: '/etc/primus/primus.cfg'

hsm0: Connect to a-api.cloudshsm.com port 2310, firmware: RX-2.10.0-T
          slot0 (id=0), user=MYVAULT: OK
          slot1 (id=3), user=TESTPARTITION: CKR_TOKEN_NOT_PRESENT

info

For more troubleshooting information see Primus HSM PKCS#11 Provider Testing and Troubleshooting