If Boxcar fails to start during configuration and returns an SSL error, you can use the command below to test the SSL connection between a client and the HSM.
cd /opt/boxcar
openssl s_client -connect <HSM-IP>:7000 \
-CAfile truststore.pem \
-cert boxcar.pem \
-pass pass:`grep "^PARAM BOXCAR-CLIENT-PASSPHRASE" params|awk '
{print $3}'`
where <HSM-IP> is the IP address of the HSM.
Example
openssl s_client -connect 10.10.242.14:7000 \
-CAfile truststore.pem \
-cert boxcar.pem \
-pass pass:`grep "^PARAM BOXCAR-CLIENT-PASSPHRASE" params|awk '
{print $3}'`