Testing and Troubleshooting
Before running any test tools or scripts, configure the HSM connection settings (primus.cfg) and fetch the permanent secret (ppin tool).
Guidance
- Ensure the PKCS#11 library is correctly installed and configured.
- Verify that the PKCS#11 provider configuration file is correctly set up with the proper parameters.
- Check for any library dependencies that might be missing or outdated.
- Confirm that the HSM slot and token labels match the configuration settings.
- In case
telnet
is working but a Connectivity Test withppin -t
reports an error, clarify the validity of login credentials. - Update to the latest version of the PKCS#11 provider to ensure compatibility and bug fixes.
- Check the Error Codes below to narrow down the problem.
- Consult the PKCS#11 provider documentation for specific troubleshooting steps.
Connectivity Test
The ppin tool allows to test connectivity to all defined HSMs and partitions (version 1.8.1+):
ppin --test [--hsm hsm] [--user HSM_USERNAME]
Load config file: '/etc/primus/primus.cfg'
hsm0: Connect to '82.197.162.10' on port 2411, firmware: RP-2.11.2-T
slot0 (id=2), user=DEMO-TEST: OK
Number of tested HSMs: 1 (number of partitions: 1)
Number of failures: 0