Skip to main content

Quick Start

This quick start guide provides a comprehensive task listing to download, setup and use the Securosys Secrets Engine plugin. For more detailed instructions consult the Installation and Tutorial section.

  1. Download and install Hashicorp Vault, if is it not prepared yet.
  2. Download plugin from Securosys jfrog repository
    Login: robot.reader.hashicorpvault
    Password: REPLACE_ME_WITH_PASSWORD
  3. Add to config.hcl plugin directory path parameterplugin_directory, if this parameter already not exits. For example: plugin_directory=/home/test/vault/plugins
  4. Copy proper plugin binary to plugin directory.
  5. Run this command $ vault plugin register -sha256={binary_checksum} secret securosys-hsm
    Where:
    • {binary_checksum} is checksum of the plugin binary
Note

Binary checksum is already generated and stored inside every build version of this plugin

  1. After successfully registration, run command to enable plugin
    $ vault secrets enable securosys-hsm
  2. The last step is setup configuration to connect with TSB. Example using Bearer Token:
$ vault write securosys-hsm/config 
auth="TOKEN" 
bearertoken="jwt token string"
restapi="https://primusdev.cloudshsm.com"
Note

More examples of plugin configuration can be found here: Configure the plugin