Create the PKCS#11 User and Security Officer | Utimaco Integration Guides

First, demonstrate that we have access to the HSM, at the Device Specifier found in the configuration file above.

The steps below use a combination of csadm and p11tool2 commands.

The following steps are also possible using the CAT (CryptoServer Administration Tool) and the P11CAT (PKCS#11 CryptoServer Administration Tool).

To verify access, use the csadm tool:

>_Console

$ csadm GetState

The response to a GetState command is either a table of current data about the state of the CryptoServer, or it is a connection timeout message:

>_Console

$ csadm GetState
mode = Operational Mode
state = INITIALIZED (0x00100004)
temp = 23.7 [C]
alarm = OFF
bl_ver = 5.01.0.4 (Model: Se-Series Gen2)
hw_ver = 5.01.0.0
uid = 40000018 84f59001 | @
adm1 = 53653530 30202020 43533630 30303133 | Se500 CSP1013
adm2 = 53656375 72697479 53657276 65722020 | SecurityServer
adm3 = 494e5354 414c4c45 44202020 20202020 | INSTALLED

TIP

CryptoServers (HSMs and the Simulator) come with a default ADMIN user and ADMIN. key keyfile, which can be used as the initial login. Utimaco recommends that you delete this ADMIN user once you have installed your own admin users. Do not delete the ADMIN.key, however, as returning an HSM to its factory configuration will return the ADMIN (and delete all the other users and all key material).