Before you begin, please ensure that you have installed/setup:
-
CryptoServer is setup and configured. Refer the CryptoServer documentations to setup the HSM
-
MBK must be created and stored onto each HSM. Refer the CryptoServer documentations to setup the MBK
-
CryptoServer Default Admin should be replaced with a new admin user
-
Operating system listed in Tested Versions
-
SQL Server listed in Tested Versions
-
SQL Server Management Studio
-
SecurityServer listed in Tested Versions with SecurityServer EKM provider
-
A cryptographic user on that SecurityServer
You should also be familiar with SQL statements, as this guide makes intensive use of them.
After the successful SecurityServer setup, you should find these files on your system for use with the SecurityServer EKM provider:
cssqlekm.dll and cssqlekmlib.dll
The former is the provider library that will be loaded into SQL Server, and the latter is required by it. These files are located in C:\Program Files\Utimaco\SecurityServer\Lib\ which must be in system PATH.
cssqlekm.cfg
This file contains the parameters that the SecurityServer EKM provider will use when communicating with the HSM. Please see the next sections for details.