Add or Import a Transport Key

Important: Before you add or import a transport key, initialize the Principal HSM A Hardware Security Module (HSM) securely stores secret key material. They are similar to large-storage, multisession smart cards. However, unlike smart cards, they are used mainly on the server side of a system.. You must assemble three pairs of transport key Security Officers to import a transport key. The transport key officers must have their transport key components available.
Note:

  • ActivID KMS requires an operator PIN only if a particular HSM session has been closed.

  • Import a transport key if you want to import master keys that were generated by another entity, such as the card manufacturer.

  1. Insert or properly connect the Principal HSM The first or main HSM. If you require multiple HSMs with the same master keys, use HSM manufacturer tools to duplicate the keys in the other HSM. (and ONLY the Principal HSM).

  2. From the main menu, type 4 (Add Transport Key).

  3. Enter the operator PIN.

    Note:

    • On some HSMs (for example, SafeNet Luna SA) you are required to enter the partition PIN first, and then key in the Operator PIN on the PIN Entry Device.

    • ActivID KMS requires an operator PIN only if a particular HSM session has been closed.

  4. To continue, press ENTER.

  5. Enter a new transport key label (for example, TK_2). This key label is for internal use only. “TK_2” is not the definitive name. Your transport key label can be different. This is just an example.

  6. To continue, press ENTER.

    Text Description automatically generated