Run the generate-key.sh script after configuring an nShield HSM and before deploying a solution that uses this HSM, or before retrying a failed deployment. This script:
- Prompts you for the OCS (Operator Card Set) passphrase.
- Checks whether the
kmdata.tarconfiguration file contains a wrapping key. - Generates the key and updates the
kmdata.tarconfiguration file if the key does not exist.
See Downloading the installation files for instructions on obtaining this script.