Table of Contents
- Title and Copyright Information
- Preface
- Changes in This Release for Oracle Key Vault
- 1 Getting Started with HSM
-
2
Configuring an HSM for Oracle Key Vault
- 2.1 HSM-Enabling in a Standalone Oracle Key Vault Deployment
- 2.2 HSMs in a Multi-Master Cluster
- 2.3 HSM-Enabling in a Primary-Standby Oracle Key Vault Deployment
- 2.4 Backup and Restore Operations in an HSM-Enabled Oracle Key Vault Instance
- 2.5 Reverse Migration Operations
- 2.6 Disabling Reverse Migration on the Management Console
- 3 Upgrade Considerations When Using HSMs in Oracle Key Vault
-
4
Oracle Key Vault HSM Support Guidance
-
4.1
General Troubleshooting
- 4.1.1 Trace Files for Diagnosing Issues
- 4.1.2 HSM Alert
- 4.1.3 Could Not Get Slot for HSM Error
- 4.1.4 Could Not Load PKCS#11 Library Error
- 4.1.5 Oracle Key Vault Management Console Does Not Start After Restarting HSM-Enabled Oracle Key Vault Server
- 4.1.6 Primary-Standby Errors
- 4.1.7 Errors from HSM-Enabled Oracle Key Vault Backups
- 4.1.8 Restoration of a Backed Up HSM-Enabled Oracle Key Vault Server
- 4.2 Vendor Specific Notes for Thales
- 4.3 Vendor Specific Notes for Entrust
- 4.4 Vendor Specific Notes for Utimaco
-
4.5
Vendor Specific Notes for Other HSMs
- 4.5.1 About Vendor Specific Notes for Other HSMs
- 4.5.2 Installing the HSM Client Software on the Oracle Key Vault Server for Other Vendors
- 4.5.3 Configuring the okv_hsm.conf Parameters
- 4.5.4 Configuring the okv_hsm_env Environment File
- 4.5.5 Configuring the okv_hsm_mid_upgrade Script
- 4.5.6 Executing Pre- or Post-Upgrade Validation Scripts
-
4.1
General Troubleshooting
-
5
Vendor Instructions for Integrating an HSM as the Root of Trust for Oracle Key Vault
- 5.1 About Integrating an HSM as a Root of Trust for Oracle Key Vault
- 5.2 Requirements Before Starting the Integration
- 5.3 Integrating the HSM
-
5.4
Confirming the Success of the HSM Configuration
- 5.4.1 Enabling the HSM in a Standalone Environment
- 5.4.2 Performing an Upgrade of an HSM-Enabled Oracle Key Vault Server
- 5.4.3 Performing a Backup of an HSM-Enabled Oracle Key Vault Server
- 5.4.4 Performing a Restore of an HSM-Enabled Oracle Key Vault Server
- 5.4.5 Confirming the Success of the HSM Configuration in a Multi-Master Cluster
- 5.4.6 Confirming the Success of the HSM Configuration in a Primary-Standby Environment
- 5.4.7 Performing a Reverse Migration Operation
- 5.5 Validating the HSM as a Root of Trust for Oracle Key Vault