First Two issues:
Once you install the card and re-image the box, you will have to create a new security world (SW) in order to enable the card so the gateway can use it.
1. First switch the card to ‘I’ mode (switch on the card)
You might get error when trying to configure a SW
ServerNotRunning – you will need to start service nc_hardserver
2. Once you have it running, the next situation you might encounter is getting an error InvalidModule
You will have to run ./root/sealsys customize in order to install HSM drivers
3. Now, you should be ok to install the HSM card
Details on above steps and example:
[firstname.lastname@example.org ~]# service nc_hardserver start
waiting for nCipher server to become operational ...
nCipher server now running
[email@example.com ~]# cd /
[firstname.lastname@example.org /]# ./root/sealsys customize
Stopping snmpd: [ OK ]
'ncsnmpd' server now running
Starting snmpd: [ OK ]
Info: An nShield card appears to be installed.
Success: nShield drivers have been configured.
The third possible situation you may encounter is when we try to put the HSM card into initializing mode ‘I’ on the switch, the card never actually switches to ‘I’ mode, it just stays in Operational, the ‘O’ mode. We are not able to create a new Security World as a result.
There is another switch, on the CARD itself, under the cover of the server panel. The switch that locks out or overrides the MOI switch. That switch is located on the PCI board - identified as D and E
if that switch is in the ON position (closest to the support plate) then the MOI switch is inoperable.
You would first have to change the position of D and E