Copy this file from the Remote File System (RFS) or another existing HSM client.
Source path (Windows example) | Destination path |
|---|---|
C:\ProgramData\nCipher\Key Management Data\config\config | kmdata/config/config |
Edit the copied file and ensure the [nethsm_imports] section includes the following content for each HSM.
local_module=0remote_ip=<ip>remote_port=9004remote_esn=<ens>keyhash=0000000000000000000000000000000000000000privileged=1privileged_use_high_port=0ntoken_esn=See below for a description of each parameter.
Parameter | Value |
|---|---|
<ip> | The IP address of the HSM |
<esn> | The Electronic Serial Number (ESN) unique identifier of the HSM |
When deploying multiple HSMs, use five dashes ("-----") to separate each HSM configuration – for example:
local_module=0remote_ip=<ip>remote_port=9004remote_esn=<esn>keyhash=0000000000000000000000000000000000000000privileged=1privileged_use_high_port=0ntoken_esn=-----local_module=0remote_ip=<ip>remote_port=9004remote_esn=<esn>keyhash=0000000000000000000000000000000000000000privileged=1privileged_use_high_port=0ntoken_esn=Save the changes.