To initialize IBM® cryptographic hardware (IBM 4758 and IBM e-business Cryptographic Accelerator),
you must obtain and install the most recent PKCS11 module.
Procedure
- To initialize the IBM cryptographic hardware (IBM 4758 and IBM e-business Cryptographic Accelerator)
on AIX®,
obtain and install the bos.pkcs11 software. Obtain the
most recent bos.pkcs11 package from http://www.ibm.com/servers/eserver/support/pseries/aixfixes.html.
Select your AIX version
under Specific fixes. The bos.pkcs11 package installs the
PKCS11 module needed for the SSLPKCSDriver directive discussed below. You
also need the devices.pci.1410e601 device for the IBM e-business Cryptographic Accelerator
and the devices.pci.14109f00 and devices.pci.14109f00 for the IBM 4758.
- Initialize your token. After you install the PKCS11
software, initialize your device. You can access the Manage the PKCS11 subsystem
panel from Smitty to initialize your PKCS11 device.
- Select Initialize your token.
- Set a security officer and User PIN, if not already set.
- Initialize your user PIN. See Chapter 5: Token Initialization from the PKCS11 manual for
more detailed information.