The SecurityServer EKM provider can be customized using the configuration file. Edit the configuration file to your needs; at a minimum, change the Device setting. Make sure the Microsoft SQL Server service account has write access to the folder containing the external keystore and the log file.
|
Parameter |
Description |
|---|---|
|
ConnectionTimeout |
Specifies the maximum time in milliseconds to wait before the connection establishment is aborted if the device is not responding. |
|
Device |
Specifies the device address of the SecurityServer device. This can be a local PCI-e card (PCI:0) or a network address ([port@]IP). By default a cHSM uses the port 4000 + cHSM slot (4001 for slot 1). |
|
KeysExternal |
To enable the external keystore. |
|
KeyStorageType |
The database type for keystorage. This can be |
|
KeyStorageConfig |
Configuration of the KeyStorage. This can be a filepath for the Legacy SDB file or |
|
LogFile |
Specifies the path and the name of the log file. |
|
LogLevel |
Specifies the log level. Higher levels include the information of the lower levels. 0=no log, 1=errors, 2=warnings, 3=info, 4=trace, 5=debug. |
|
LogSize |
This variable defines the maximum size of the log file. If the maximum is reached, the old log file will be renamed to .bak, and a new log file with the name defined by LogFile will be created. |
|
Timeout |
Specifies the maximum time in milliseconds to wait for the answer from SecurityServer after sending a command. |
List of Configuration Parameters