Prerequisites
Before starting the process of integrating the Securosys CloudHSM or on-premises Primus HSM with Microsoft SQL Server - Always Encrypted please ensure the following is met on a client machine with MS SQL installed, hosting your client applications:
- Windows operating system with Crypto API Next Generation (CNG) (Server 2016 or higher, Windows 10 or higher).
- Always Encrypted-enabled driver
- Microsoft .NET Framework 4.6.2 RC or later (e.g. for applications developed with Microsoft Visual Studio)
- JDBC 7 or later
- ODBC 13.1 or later
- Securosys Primus CNG/KSP Provider installed and configured.
Always Encrypted imposes some restrictions. For details consult the Microsoft Always Encrypted documentation.
MS SQL Installation
This guide assumes that MS SQL Server is already installed and configured. The following prerequisites must be met for the MS SQL installation:
- Either Microsoft SQL Server 2016 SP1 (all editions) or later is installed and configured. See Microsoft SQL documentation - Operating System Support for your SQL server edition,
- or Microsoft SQL Server 2016 Enterprise Edition,
- or Azure SQL Database V12.
- A database has to be created and preconfigured beforehand
Securosys CloudHSM or Primus HSM Setup and Configuration
- Securosys CloudHSM
- Securosys Primus HSM (on-premises)
Securosys CloudHSM allows almost instant HSM operation by selecting and contracting the different services and options. For available service packages and options consult our website Securosys CloudHSM Service and contact Securosys sales.
Ensure the CNG API is included and activated in your subscription.
For general on-premises Primus HSM hardware, HA Cluster setup and operation in FIPS or Common Criteria certified modes, refer to the corresponding Primus HSM User Guide for details.
Ensure the CNG API is licensed and activated on your HSM device.