Primus HSM PKCS#11 Provider
Download the Primus HSM PKCS#11 Provider and follow the Primus HSM PKCS#11 Provider Installation process to install and configure the Primus PKCS#11 Provider on the HashiCorp Vault Enterprise Edition machines.
info
Consult Primus PKCS#11 User Guide - Configuration for alternative configuration file locations.
Check HSM Connectivity
Ensure that you have HSM connectivity using the command ppin --test
, and note the slot id
(to be used in Vault configuration). Example:
ppin --test
Load config file: '/etc/primus/primus.cfg'
hsm0: Connect to a-api.cloudshsm.com port 2310, firmware: RX-2.10.0-T
slot0 (id=0), user=MYVAULT: OK
slot1 (id=3), user=TESTPARTITION: CKR_TOKEN_NOT_PRESENT
…
info
For more troubleshooting information see Primus HSM PKCS#11 Provider Testing and Troubleshooting