To initialize IBM cryptographic hardware (IBM 4758 and IBM e-business
Cryptographic Accelerator), you must obtain and install the most recent PKCS11
module.
Procedimento
- To initialize the IBM cryptographic hardware (IBM 4758 and IBM
e-business Cryptographic Accelerator) on AIX, obtain and install the bos.pkcs11 software.
Obtain the most recent bos.pkcs11 package from http://www.ibm.com/servers/eserver/support/pseries/aixfixes.html.
Select your AIX version under Specific fixes. The bos.pkcs11 package
installs the PKCS11 module needed for the SSLPKCSDriver directive discussed
below. You also need the devices.pci.1410e601 device for the IBM e-business
Cryptographic Accelerator and the devices.pci.14109f00 and devices.pci.14109f00
for the IBM 4758.
- Initialize your token. After you install the PKCS11
software, initialize your device. You can access the Manage the PKCS11 subsystem
panel from Smitty to initialize your PKCS11 device.
- Select Initialize your token.
- Set a security officer and User PIN, if not already set.
- Initialize your user PIN. See Chapter 5: Token Initialization from the PKCS11 manual for
more detailed information.