Configure Securden
Proceed according the Securden Unified PAM Administrator Guide, chapter "Store Encryption Keys on Securosys HSM", included in the Securden software distribution. This tells Securden how to connect to the Primus PKCS#11 API provider. The steps below are only a short extract and not complete!
warning
Take a backup of the entire database along with the encryption key before starting the HSM configuration process.
- Stop the Securden PAM service on Primary and Secondary servers
- Configure the HSM details
- Navigate to
/<Securden installation folder>/bin
and executeConfigureHSM.exe
- Provide the necessary details for the HSM connection and click
Configure
(see screenshot below)
- Navigate to
Provider name | HSM Provider selection: Securosys |
---|---|
DLL path | Path to the PKCS#11 provider library file Linux: /usr/local/primus/lib/libprimusP11.so Windows: C:\Program Files\Securosys\Primus P11\primusP11.dll |
Slot ID or Token name | HSM user name (partition name) or alternatively PKCS#11 slot id where the Securden encryption key should be stored |
PKCS#11 password | PKCS#11 password of the HSM partition |
Encryption key label | Label of the Securden encryption key in the HSM |