Skip to main content

Prerequisites

Please adhere to the below-listed prerequisites as they are required for the correct installation, configuration and usage of the Primus Tools.

  • Java Runtime Environment (JRE) 8 or newer
  • “Unrestricted policy” files for Oracle Java (not required for OpenJDK), e.g. downloadable from https://www.oracle.com/java/technologies/javase-jce8-downloads.html (see README.txt how to install)
  • Securosys Primus HSM or Clouds HSM Service with JCE license and JCE API enabled
  • Securosys PrimusX JCE provider v2.2.x or newer.

Primus HSM Configuration

Setting-up the Primus HSM hardware is not described in this guide. Please refer to the corresponding User Guides downloadable from the Securosys Support Portal.

info

The CloudHSM partition comes preconfigured for use with Primus Tools. Ensure the JCE API is included and activated in your subscription. For available service packages and options please consult our website Securosys CloudHSM Service, or visit Cloud Console. CloudHSM connectivity details are communicated within the Welcome Support Ticket. General CloudHSM connectivity parameters are shown on CloudHSM - HSMaaS - Connectivity Details

Follow the steps shown below to configure the on-premises Primus HSM:

  • The Primus Tools require the JCE interface enabled on device and user level (plus license):
  SETUP → CONFIGURATION → SECURITY → DEVICE SECURITY → CRYPTO POLICY → JCE
  SETUP → CONFIGURATION → SECURITY → USER SECURITY → JCE
  • The Primus Tools require a valid setup password, which can be renewed as follows:
  ROLES → USER → NEW SETUP PASSWORD
caution

As the temporary setup password will expire, you should retrieve the permanent secret (which does not expire). See HSM Connection and Access Credentials on how to fetch the permanent secret.