Getting started with Keyfactor EJBCA
The quickstart section provides a comprehensive guide outlining the steps necessary to integrate Keyfactor/PrimeKey EJBCA with Securosys CloudHSM or on-premises Primus HSM.
Installing & Configuring Primus PKCS#11 Provider
Install the latest version of Primus PKCS#11 Provider on the device with the Keyfactor/PrimeKey EJBCA already installed.
Follow the instructions in PKCS#11 Provider Installation.
Configure the Primus PKCS#11 provider by adapting the configuration file primus.cfg
according to your set-up.
Consult Primus PKCS#11 User Guide - Configuration for configuration file locations.
HSM Setup and Configuration
Follow the instructions provided in HSM Setup and Configuration.
Configure EJBCA Settings
Configure the EJBCA settings to integrate with the Primus PKCS#11 provider. For more information visit Installation - EJBCA Settings
Configure New Crypto Token
Deploy the EJBCA with the newly configured settings and Integrate the HSM by Configuring a New Crypto Token.
Generate RSA Keys
Generate cryptographic objects which will be used by the new Certificate Authority (CA). For more information, see Keyfactor/PrimeKey EJBCA Documentation.
Create a New Certificate Authority (CA)
Create a new Certificate Authority and configure it with the previously created crypto token and keys. For more information on EJBCA Certificate Authority setup and best practices, follow Keyfactor/PrimeKey EJBCA Documentation.