KB Article #102239

VA - How to Configure VA Password for AEP Hardware Security Module

Summary

The article provides information about Configuring the Password for AEP Hardware Security Module and Validation Authority.

Details

Follow these steps to configure AEP’s HSM with Validation Authority; as AEP’s HSM password requires a numeric PIN, while Validation Authority setup requires at least one alpha character?

Initial Setup/Configuration

  1. Install and Complete a Basic Initial Setup Using VA's Self-Signed OCSP Certificate
  2. Change the Password Rules to Require No Alpha Characters
    1. Click on User Settings
      1. Click on General Settings
        1. Change "Minimum number of alphabetic characters in password:" from "1" to "0"
        2. Click Submit General User Data

Configuring for AEP Hardware Security Module

  1. Reset the VA Server Password to Match the AEP Password
    1. Click on Keys and Certificates
      1. Click on Change Server Password
        1. Fill in "Enter Current Server Password (leave blank if no password is set):"
        2. Fill in "Enter New Password:"
        3. Fill in "Confirm New Password:"
        4. Click on Submit
  2. Generate the OCSP Signing Key/Certificate
    1. Click on Keys and Certificates
      1. Click on Create/Import Private Key
        1. Select Default OCSP Response Signing
          1. Click on Submit Key Type
        2. Select Generate/Import Hardware Key on custom PKCS11 provider.
          1. Select Vendor: AEP
          2. Click on Submit Key Generate Technique
        3. Select either Generate new private key or Import previously generated private key
          1. Click on Submit Key Generation Or Import
        4. For Generating new private key
          1. Fill in Criteria
          2. Click on Submit
  3. Reset the VA Server
    1. Click on Start/Stop Server
      1. Click on Stop Server
      2. Click on Start Server
  4. Finished!

NOTE:
AEP HSM module may require changes in file moves, environmental variables, etc…
Please contact AEP’s support department for further assistance.

Related Articles

  • VA - Hardware Securit Modules interfacing with VA (Article# 5221)
  • VA - How to Configure LunaSA Hardware Security Module for VA (Windows) (Article# 5262)

Still need help?

If this information wasn't helpful to you, just drop us a line. We'll get back to you as soon as possible.