Create an OSKS with HSM in vSEC:CMS
Perform the following tasks to create an Operator Service Key Store (OSKS) with HSM in vSEC:CMS:
- Log in to the vSEC Operator Console (OC).
- Add Service Key Store with HSM.
Perform the following steps to log in to the vSEC OC:
Start the vSEC Admin application.
When prompted, insert your System Owner (SO) hardware credential.
Enter the operator passcode for the System Owner and select [ Authenticate ].
If authentication is successful, the Admin application starts, and you are logged in to the Operator Console.
Perform the following steps to add the Service Key Store with HSM:
In the navigation menu, select Options > Operators.
Select [ Add service key store ] to open the Add Service Key Store (HSM) dialog.
Select the PKCS #11 library in the Key store drop-down menu, specify a Store name, and select [ Add ].
Enter the operator passcode for the System Owner, and select [ OK ].
The new service key store is created, and the master keys are stored on the . You should see a message confirming that the operation succeeded.
Now, all administration key operations performed with the vSEC, such as registering a smart card token or PIN unblock operations, use the master keys stored in .