Integrating GaraSign with the Crypto Server HSM is done by performing the following steps on each GaraSign Signing and Administration server:
-
Install and configure the Crypto Server Client including the PKCS#11 provider
-
Install the appropriate GaraSign software for the server type (i.e., GaraSign signing software for Signing Server and GaraSign admin software for Administration Server)
-
Ensure the PKCS#11 provider is in the system path
-
Start (or restart) the Tomcat instances on the Signing and Administration servers
-
From the GaraSign Administrative Console, create a key container of type Utimaco Security Server
Details for step 1 can be found in your Utimaco documentation. Details for step 2 can be found in your GaraSign documentation, although this is typically handled by your GaraSign professional services personnel.
The rest of this section focuses on step 5 – creating the key container in the GaraSign Administrative Console.