Quickstart
This guide provides an overview of how to set up and use the Primus CNG API provider.
Please ensure that all prerequisites are met.
1. Install the provider via the GUI
-
Download the latest CNG/KSP Provider (account required).
-
Copy the zip file to your server or client and extract the archive.
-
Select the appropriate MSI setup package according to your Windows System type (x86, x64).
-
Double-click the MSI package to begin the interactive installation.
-
Click
Next.
-
Click
Nextto leave the default installation folder or adapt it according to your needs.
-
Click
Installto start the installation.
-
Click
Finishto complete the installation and to launch the configuration GUI. After successful installation, the "Securosys Primus HSM Key Storage Provider" should be listed when executing the following command as administrator:certutil -csplist
2. Configure the Key Storage Provider (KSP)
From the Windows menu, run the Securosys "Key Storage Provider Configuration":
-
If multiple instances are installed, choose the one want to configure one from the Provider drop-down list.
-
Add all redundant HSM connections of the cluster, as well as their fallback priority.
-
Click
Newto add a new HSM connection. -
Fill in all the required parameters, including user partition credentials and, if required, the proxy credentials (e.g. for CloudHSM), as provided by your Security Officer (SO) or your CloudHSM service provider. See also the HSM Connection Parameters.
-
Configure all your further redundant HSM connections (and provider instances) in the same way.
-
Click
Test all Connectionsto verify connectivity to your HSMs and to retrieve the permanent secret.
The status indicators should change to green after a successful connection. The CNG/KSP Provider is now ready for use by the applications.
For more detailed instructions, please consult:
- the Installation section
- the Tutorials section