Command Summary | Utimaco Integration Guides

Command used	Purpose
`pkcs11-tool --module /usr/lib64/libcs_pkcs11_R3.so --slot-index 0 --login --pin <HSM_PIN> -O`	Verify AES key presence on HSM
`systemctl stop pam-gui`	Stop Kron PAM GUI service before configuration
`cp libcs_pkcs11_R3.so /usr/lib64/`	Deploy PKCS#11 shared library
`chmod 755 /usr/lib64/libcs_pkcs11_R3.so`	Set execute permissions for PKCS#11 library
`cp CryptoServerJCE.jar /pam/kron/lib/`	Copy Utimaco JCE provider to Kron PAM
`chown pamuser:pamuser /pam/kron/lib/CryptoServerJCE.jar`	Set ownership for JCE provider
`chmod 600 /pam/kron/lib/CryptoServerJCE.jar`	Restrict access to JCE provider
`mkdir -p /pam/kron/security/hsm/`	Create HSM configuration directory
`mkdir -p /etc/utimaco`	Create Utimaco config directory
`mkdir -p /var/log/utimaco`	Create log directory for HSM library
`export CS_PKCS11_R3_CFG=/etc/utimaco/cs_pkcs11_R3.cfg`	Set environment variable for HSM config
`dnf install opensc -y`	Install OpenSC tools (optional verification)
`java -jar hsm-masterkey-registration.jar /pam/kron/security/security.properties`	Register HSM key and encrypt PIN
`java -jar dek-rotator.jar /pam/gui/netright/netright.properties`	Migrate DEK records to HSM
`systemctl restart pam-gui`	Restart Kron PAM service after configuration

List of commands used