Preparing the nShield Solo for Use with ActivID CMS

To install the HSM on the ActivID CMS server, perform the following steps:

Install the HSM and the nCipher software on the ActivID CMS server, but do not create the Security World. Instead, you must use the Security World created for the ActivID KMS system. To copy the Security World configuration to the ActivID CMS server, copy the kmdata\local directory from the ActivID KMS system to the same location on the ActivID CMS server.
Copy <installdir>\nCipher\nFast\cknfastrc to the same location on the ActivID CMS server.

Note: You do not need to copy the file if ActivID CMS will be installed from scratch with HSM support. Instead, you just need to provide the right path during the ActivID CMS setup.

To enable any administrator to run KeySafe, in the <installdir>\nCipher\nFast\kmdata\preload directory, change the NTFS permissions to include modified rights for the local administrator group. The default user with permission to start KeySafe is limited to the user who installed it.
Important: Once ActivID CMS is installed, if the PKCS#11 library path is changed after upgrading the nCipher Security World software (for example, version 12.50 or higher), you must update the crystoki.ini file, found in %PROGRAMDATA%\HID Global\Credential Management System\Shared Files, as follows: