Scribd
Upload
269 views2 pages

Gemalto SafeNet HSM EDC-PS Quick Reference

1. The document provides step-by-step instructions for configuring an HSM device including: setting the IP address, hostname, and default gateway; enabling remote reset; and validating the IP configuration. 2. It involves logging in as the root user, editing configuration files to set networking parameters, rebooting the device, and validating the IP address. 3. Additional notes are provided about Windows server environment variables and modifying the GRUB configuration if the HSM is on a different network segment.

Uploaded by

Carlos
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as RTF, PDF, TXT or read online on Scribd
269 views2 pages

Gemalto SafeNet HSM EDC-PS Quick Reference

1. The document provides step-by-step instructions for configuring an HSM device including: setting the IP address, hostname, and default gateway; enabling remote reset; and validating the IP configuration. 2. It involves logging in as the root user, editing configuration files to set networking parameters, rebooting the device, and validating the IP address. 3. Additional notes are provided about Windows server environment variables and modifying the GRUB configuration if the HSM is on a different network segment.

Uploaded by

Carlos
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as RTF, PDF, TXT or read online on Scribd
You are on page 1/ 2

MX <--> Server General Port Information

Note: This info obviously does not apply for desktop printers. According to the desktop printer
solution, needs may vary (for instance, CDI accesses port 1500 on the server for the EMV stack in
many configurations while Card Wizard has a number of potential configurations).

Regarding HSM configuration, here is a detailed step-by-step breakdown

1) Unbox the HSM. If it is an external SafeNet/Gemalto appliance device, make sure never
to lose the key in the shipping container that fits into the “Tamper” slot. However, the
HSM should NOT be set to tamper, except when wiping keys or receiving specific
instruction to do so. All other software and Chip reader in the box should not be
needed for the purpose of installation.
2) Physically rack, connecting a monitor and keyboard (mouse optional). Connect an
ACTIVE Ethernet network cable to Eth 0 port (first Ethernet NIC port)
3) Power on to boot up HSM. The default user is root and the default password is
password for purpose of login.
4) Once logged in, the following sequence of commands can be taken at the prompt.
Please type them exactly, including spaces:

--to set IP address


cd /etc/sysconfig/network-scripts
vi ifcfg-eth0
·1 Hit the ‘I’ key to enter Insert mode
·2 Modify the IPADDR and NETMASK values to be proper static value for HSM device
·3 Hit the ‘Esc’ key to exit Insert mode
·4 Type ‘:wq’ (without the ticks/quotes) and press enter to save file. Note: Typing ‘:q!’
lets you exit without saving if you make a mistake.

--to verify results were saved


cat /etc/sysconfig/network-scripts/ifcfg-eth0

--to set HOSTNAME and default GATEWAY


cd /etc/sysconfig
vi network
·5 Hit the ‘I’ key to enter Insert mode
·6 Modify/add the HOSTNAME and GATEWAY values to be proper static value for HSM
device. Your HSM may not need a gateway if the server is on the same subnet.
·7 Hit the ‘Esc’ key to exit Insert mode
·8 Type ‘:wq’ (without the ticks/quotes) and press enter to save file. Note: Typing ‘:q!’
lets you exit without saving if you make a mistake.

--to verify results were saved


cat /etc/sysconfig/network

--to enable remote HSM reset


echo ET_HSM_NETSERVER_ALLOW_RESET=Always > /etc/default/et_hsm
--to verify file was created
cat /etc/default/et_hsm

--to reboot HSM


reboot

--login as root again


--to validate IP Configuration. Make sure IP returned from this command is correct.
ifconfig

--to logout but leave HSM running


exit

--note: Windows server using this HSM will generally need system environment variable
ET_HSM_NETCLIENT_HEARTBEAT=ON
--note: If this is a “PS2” HSM and is on a different network segment than the server,
follow the instructions for modifying the GRUB configuration that are in
Gemalto/SafeNet "PSE_Grub_Configuration" document.

You might also like

pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy