Breadcrumbs

Create a CryptoToken in SignServer with SDK3

If you have already performed these steps before creating the keys with the clientToolBox, restart SignServer using the command:

service wildfly restart

If you are creating the crypto token for the first time, proceed with the following steps:

  1. Login to SignServer as Superadmin.

  2. Select Add under All Workers:

    image2018-12-3_13-54-20.png


  3. Select From Template.

    image2018-12-3_13-55-16.png

  4. Select the cloudHSM-p11ng.properties template and click Next.

    image2018-12-3_13-56-26.png

  5. Specify the values as follows (Changing the values in bold as required):

    • WORKER3.IMPLEMENTATION_CLASS=org.signserver.server.signers.CryptoWorker

    • WORKER3.NAME=CryptoTokenP11

    • WORKER3.PIN=CryptoUser:CUPassword123!

    • WORKER3.CRYPTOTOKEN_IMPLEMENTATION_CLASS=org.signserver.server.cryptotokens.PKCS11CryptoToken

    • WORKER3.DEFAULTKEY=testKey0001

    • WORKER3.SLOTLABELVALUE=1

    • WORKER3.TYPE=CRYPTO_WORKER

    • WORKER3.SHAREDLIBRARYNAME=AWSCloudHSM

    • WORKER3.SLOTLABELTYPE=SLOT_NUMBER


    image2018-12-3_14-0-20.png

  6. Click Apply.

  7. The worker comes back as active.

    image2018-12-3_14-7-28.png

  8. To see what keys are active in the crypto token that SignServer can see, select the CryptoTokenP11 worker.

    image2018-12-3_14-3-51.png

  9. Select the Crypto Token link

    image2018-12-3_14-10-29.png

  10. The keys are displayed inside the Crypto Token.

    image2018-12-3_14-23-41.png