Procedure 1: Installing the nCipher Software

Prerequisites:

  • You must install one of the following Java™ products prior to installing the nCipher components:

    • Java Runtime Environment™ (JRE)

    • Java Developer Kit™ (JDK)

  • You must install the 64-bit version of the nCipher Security World software.

Note: ActivID CMS 5.0 and higher uses the 64-bit PKCS#11 library.

  1. Run the Setup.exe file.

  2. When the Welcome page appears, click Next.

  3. Accept the license agreement, and then click Next.

    Note: The following steps are not intended to replace nCipher technical documentation. For specific details, see the nCipher technical documentation, follow the prompts, and take note of any tips presented here.

  1. When the Select Features page appears:

    1. Accept the default options that are already selected.

    2. Accept the default installation directory.

      Important: It is strongly recommended that you accept the default installation directory. In this document, the installation directory is referred to as <installdir>.

    3. Click Next.

  2. When the Configure PKCS#11 Security Assurance Mechanism page appears, perform the following tasks:

    1. Select the Yes option (the default), which enables the Security Assurance Mechanism.

    2. Click Next.

    3. Click Finish when the displayed message indicates that installation has been completed.

  3. Turn off your PC.

  4. Install the nShield Solo PCI-E card in your PC.

    Note: Consult the hardware installation manual prior to installing the HSM in the system on which ActivID KMS is installed.

  5. To prepare for configuring nCipher Security World, perform the following tasks:

    1. Set the HSM to its pre-initialization state by setting the Mode switch to I (see the rear panel for switch settings).

    2. Start the KMS workstation.

  6. Launch the KeySafe utility, which displays the following message after receiving the first request to run the software.

  7. Click Press to exit.

  8. Navigate to the C:\ProgramData\nCipher\Key Management Data directory, and then open the configuration file.

  9. Uncomment the nonpriv_port and priv_port lines in the server_startup section.

  10. Edit the lines to reflect the values of nonpriv_port=9000 and privport=9001 so that the KeySafe utility can start.

  11. Reboot the system after updating the configuration file.

    Note: The device should now appear in Device Manager, and the nFast server service should be running (see the following illustration that shows the Device Manager window).