u.trust GP HSM is a hardware security module that secures cryptographic key material for servers and applications. It includes integration software that supports the industry standards (e.g. PKCS#11, Microsoft CSP/CNG, JCE…) which are used in many application scenarios, e.g., Enterprise PKI application and database encryption. The General Purpose HSM is available as PCIe embedded card or as network attached appliance. The key management and cryptographic functionalities provided by u.trust GP HSM are used by Bloombase StoreSafe for encryption protection of data-at-rest for general-purpose use cases.
In order to utilize the PKCS#11 functionality, the token must be initialized.
As an example, the u.trust GP HSM is assigned a token label as follows
p11tool2 slot=0 Label=CryptoServer Login=ADMIN,ADMIN.key InitToken=<so pin>
A user pin will be needed for PKCS#11. To setup the user pin, run the following command,
p11tool2 slot=0 LoginSO=<so pin> InitPin=<user pin>
To check if u.trust GP HSM is initialized, run
p11tool2 slot=0 ListSlots=status
