Skip to main content
Skip table of contents

Create CloudHSM Crypto Token for Root CA

The following describes how to create a CloudHSM Crypto Token for the Root CA:

  1. Under CA Functions, select Crypto Tokens, and then click Create new.
  2. On the New Crypto Token page, enter the following:
    1. Name
    2. Specify the values as follows:
      • Name: <anything> (Name for the Root CA CloudHSM Crypto Token, for example, "Corporate Root CA CloudHSM Crypto Token". Note that this is not the CA name but the name of the token.
      • Type: PKCS#11
      • Authentication Code: <HSM_CryptoUser>:<password> (ex. CryptoUser:CUPassword123!)
      • AutoActivation: Clear.
      • Use Explicit ECC parameters: Clear.
      • PKCS#11: Library: AWS CloudHSM
      • PKCS#11: Reference Type: Slot ID
      • PKCS#11: Reference: 1
      • PKCS#11: Attribute Type: Default
  3. Click Save.
  4. On the Crypto Token: <Name> page, confirm that the three key pairs within the Crypto Token display and the information CryptoToken created successfully shown at the top:
    • defaultKey: Used for everything not signing or test.
    • signKey: Used for cert signing.
    • testKey: Used for testing health check for CA.
JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close