Thycotic Secret Server will attach to the CryptoServer cluster via the CNG provider, based on the registry configuration (SecurityServer versions 4.01 or earlier) or configuration file (SecurityServer 4.10 or later). Whether this is a single device or a cluster of devices will depend on the local configuration.
Please see the Utimaco documentation for use and deployment of the CSP/CNG utilities. How these are configured will depend on the version of SecurityServer you are using. Versions prior to 4.10 use a control panel applet that must be run as root. Please see the installation directory, for
Documentation\Crypto_APIs\CSP-CNG\CryptoServer_CSP-CNG.pdf
From version 4.10, the providers rely on a text configuration file rather than on the registry, which simplifies unattended deployment in virtualized environments. For the documentation, see the installation directory, for
Documentation\Crypto_APIs\CSP-CNG\CryptoServer_Manual_CSP_CNG.pdf
Note that after the cs2cng.dll Provider has been registered, you must restart IIS before it will be visible within.