Activation

The activation process aims to make the HSM operational so that users and applications can request and receive services.

During the activation process, the Server Master Key is calculated and retrieved from the smart cards in the HSM's volatile memory. When a user requests the use of a key, it is first decrypted, also in volatile memory. When the HSM is switched off, the Server Master Key is removed from memory, and can only be reloaded by activating it again with the set of smart cards.

Info

If the HSM has not yet been initialized, please refer to the item Initialization.

HSM activation is all done via the local console, using the smart cards from the M of N set. See the Local Console topic for the prerequisites and settings for using the HSM local console.

The steps for activating HSM are:

1. Turn on the device by connecting the power cable(s) and using the power button. As soon as the HSM's charging and self-test process is complete, the HSM's console screen is displayed on the video and the keyboard is enabled for input;
2. Authenticate to the local console using the M and N set of smart cards containing the Server Master Key (see Authentication). After successful authentication there is no need to keep smart cards in the reader. As the Server Master Key is created using an M from N scheme, the HSM automatically detects and requests as many (M) cards as necessary until the key is reconstructed.
3. Start the HSM service from the main menu (see Start/Stop service);
4. Check the status of Server running... status in the local console information bar and the list of loaded modules (see Loaded Modules).

Make sure that the HSM has connectivity and communication with the application servers and stations.