Enabling HSM

Note: Refer this section only if you have upgraded from AppViewX v2020.3.0.

Prerequisites

To configure Fortanix and Utimaco, the .so file and config file must be present in the current Appviewx version.
- The .so file is essential for communicating with the HSM using the PKCS11 interface.
- The config file facilitates communication between the HSM and Appviewx.

After the successful upgrade, proceed with the steps below to enable HSM.

Ensure the HSM pod is operational and running in the required datacenters and that the HSM node is specified in the appviewx.conf file, execute the following command:
```
kubectl get pods -A -o wide |grep hsm
```
From the command line interface, navigate to the properties folder path {APPVIEWX_INSTALLATION_PATH}/appviewx_dependencies/properties
For Fortanix
1. Open the HSM file using the following command:
```
vi hsm
```
2. Check and confirm if the HSM file has the following lines. If not, uncomment the following lines:
```
export FORTANIX_PKCS11_CONFIG_PATH= /appviewx/dependencies/hsm/fortanix/pkcs11.conf
```
```
echo "FORTANIX Config Path : $FORTANIX_PKCS11_CONFIG_PATH"
```
3. If the file is edited, restart the avx-platform-hsm pod, using the following commands:
```
kubectl get pods -n <namespace>
```
```
kubectl delete pods -n <namespace> <PodName> --force
```
For Utimaco
1. Open the HSM file using the following command:
```
vi hsm
```
2. Check and confirm if the HSM file has the following lines. If not, uncomment the following lines:
```
export CS_PKCS11_R2_CFG=/appviewx/dependencies/hsm/utimaco/cs_pkcs11_R2.cfg
```
```
echo "UTIMACO Config Path : $CS_PKCS11_R2_CFG"
```
3. If the file is edited, restart the avx-platform-hsm pod, using the following commands:
```
kubectl get pods -n <namespace>
```
```
kubectl delete pods -n <namespace> <PodName> --force
```
Once the HSM pod is back to running state, login to AppViewX and navigate to Platform > Vault & Security > HSM.
Access the required HSM.