Setting up the CNG Provider | Utimaco Integration Guides

The CS_CNG_CFG environment variable contains the path and name of the configuration file. By default, it is located at C:\ProgramData\Utimaco\CNG\cs_cng.cfg.

Open the cs_cng.cfg file with an appropriate text editor.

For more advanced configuration, refer to [CspCng].

›_ Console

> notepad %CS_CNG_CFG%

For this installation set the path to the log file and set the log level to "TRACE".

cs_cng.cfg file

# Path to the logfile (name of logfile is attached by the API)
Logpath = C:\ProgramData\Utimaco\CNG\log
# Loglevel (0 = NONE; 1 = ERROR; 2 = WARNING; 3 = INFO; 4 = TRACE)  
Logging = 1

Set the IP address of the HSM.

cs_cng.cfg file

# default device and fallback devices
Device = 10.44.223.141

Set the Login. In this case, the name of the Cryptographic User is "Ca1User" with an HMAC password "Utimaco".

cs_cng.cfg file

# Login = username,HMACPwd=password
Login = Ca1User,HMACPwd=Utimaco

The Configuration File used in this document.

cs_cng.cfg file

# Maximum size of the logfile in bytes
Logsize = 8mb

# Keys are stored in an external or internal database
KeysExternal = false

# Path to the external keystore. Directory must be given, not file! 
#KeyStore = C:\ProgramData\Utimaco\CNG\keys 

# Export policy for newly created keys: 0=allow all, 1=deny plain export 
(standard), 2=deny all 
ExportPolicy = 1

# Prevents expiring session after inactivity of 15 minutes 
KeepAlive = true

# Timeout of the open connection command in ms 
ConnectionTimeout = 3000

# Timeout of command execution in ms 
CommandTimeout = 60000

# CXI group for all keys. The user has to have access to this group. 
Group = CngCa1