[AIX HP-UX Linux Solaris Windows]

Known problems with hardware cryptographic support

This topic contains troubleshooting information for known problems with the cryptographic hardware.

You must install the bos.pkcs11 package to get the PKCS11 module, and to initialize the device on AIX.

An added update to the bos.pkcs11 package fixed a forking problem. Obtain the most recent copy of the bos.pkcs11 package from the IBM PSeries Support Site, to ensure you have this fix.

The ikmuser.sample file that is shipped with the GSKit Toolkit typically installs in the following directories, depending on the platform:

Renaming this file to ikmuser.properties in the classes directory enables IKEYMAN to use it for a cryptographic token.

If you are having problems using the IBM eBusiness Cryptographic Accelerator Device with IBM HTTP Server, do the following:
  1. Reboot the machine.
  2. Kill pkcsslotd and the shared memory it created. To determine what shared memory was created, typeipcs -a and for a size of 270760. This was the memory created by pkcsslotd.
  3. Export EXPSHM=ON.
  4. Start the pkcs11 process: /etc/rc.pkcsw11
  5. Restart IBM HTTP Server: ./apachectl start
Concept topic Concept topic    

Terms and conditions for information centers | Feedback

Last updatedLast updated: Aug 31, 2013 6:08:30 AM CDT
http://www14.software.ibm.com/webapp/wsbroker/redirect?version=pix&product=ihs-dist&topic=cihs_troubprobcrypto
File name: cihs_troubprobcrypto.html