What to Do if You are Using an HSM

  1. Import the PIV Master Keys corresponding to your PIV Personal Identity Verification (technical standard of "HSPD-12") card profiles into the HSM A Hardware Security Module (HSM) securely stores secret key material. They are similar to large-storage, multisession smart cards. However, unlike smart cards, they are used mainly on the server side of a system., using the Key Management System (KMS).

  1. If you want to enable PIV object signing, then edit the Digital Signatory key. Also, generate the digital signature keys on the HSM. For details, see Generate Digital Signatory Keys on an HSM.