Primus HSM - Quickstart Guide
Prerequisites
Before starting to setup your HSM, ensure that you have all the required items and files on hand. Below is an overview of everything you need in order to being your setup.
Procure Files and Credentials
| Information | Description |
|---|---|
| Securosys Support Portal Access | Access to the Securosys Support Portal is required to procure credentials and files. If you are not a registered Support Portal user, check with your administrator or contact support@securosys.com for registration. |
| Activation Code | Retrieve the Activation Code for the Genesis smart card activation (physical/virtual), via Support Portal Ticket Activation Code request and indicate your Affected Equipment (Asset). Activation code is not required if you have received the Genesis PIN letter. |
| License | Download your assets license file from the Support Portal, provided as attachment on the specific asset in the section Equipment & Contracts. |
| Firmware | Download the latest or required firmware. See Downloads on how to do so. |
Unpack Your HSM
Check the contents of the delivery. Depending on the device type the content of the package may differ. Each HSM package contains:
- Primus HSM device
- Quick Start Guide
- Power cable(s)
- 1 USB memory stick
Primus HSM X2/X/S2/S-Series additionally contain smart cards for 2-factor authentication:
- 2 Genesis Cards smart cards (blue)
- 3 Security Officer (SO) smart cards (red)
Setup
Setup your HSM according to the Primus HSM User Guide chapter 3 for your installed firmware.
To speed up your setup, prepare a separate USB memory stick for each device, containing the license, firmware and configuration. Then insert the USB into the HSM before running the initial wizard.
If not done already, set your HSM in a server rack and connect it to power and an established network. Optionally connect the HSM with a PC via the serial port.
- Evaluate the installed HSM firmware version (as the installation procedure may differ)
- Apply license and firmware update(s)
- Initialize the HSM (initial wizard)
- Check the device integrity (digital seal and hardware seal)
- Setup network and initial policy configuration (if not done during the initial wizard)
Setup High Availability Cluster
After successfully setting up your first HSM, proceed with initializing your other devices.
Establish a High Availability cluster by cloning your Master HSM device. View High Availability Cloning for more information.
Remote Management (Decanus Terminal)
Optionally pair your Decanus Terminal with your Primus HSM HA cluster to enable remote management of the HSMs. View Device Management - Decanus Terminal for more information.
API Integration
Your applications can connect to the Primus HSM using the following APIs:
Download the latest or required provider software from the Support Portal. See the respective API provider documentation for installation and usage instructions.
Additionally, for integrating with other applications, from databases, to BYOK, to secrets management engines, visit the HSM Solutions Explorer.