Configure nShield Hardware Security Modules

This topic describes how to set up Hardware Security Modules (HSM) from Entrust (formerly nCipher) for use with the Gateway.
gateway10cr3
This section describes how to set up Hardware Security Modules (HSM) from Entrust for use with the
Layer7 API Gateway
. Learn more:
Gateway version 10.0 CR 3+ Users
nShield HSM users who plan to upgrade to Gateway version 10.0 CR 3 or higher MUST upgrade their nShield client to version 12.60.11.
nShield HSM users that require their nShield HSM to run in FIPS mode are advised
NOT
to upgrade to Gateway version 10.0 CR 3 per this Known Issue.
The
Layer7 API Gateway
does not currently support AES-GCM when using an nShield Hardware Security Module with a custom FIPS level 3 security world.
The instructions provided on this site rely on configuration from Entrust and may change without notice. For complete instructions on the nShield Solo and the nShield Connect, refer to the user documentation from nCipher: www.entrust.com/
Legal Disclaimer
The acquisition and compilation of the nShield driver provided by nShield is at Customer's sole discretion and entirely subject to the terms of that third-party provider.