Configure nShield Hardware Security Modules
This topic describes how to set up Hardware Security Modules (HSM) from Entrust (formerly nCipher) for use with the Gateway.
This section describes how to set up Hardware Security Modules (HSM) from Entrust for use with the
Layer7 API Gateway. Learn more:
Gateway version 10.0 CR 3+ Users
nShield HSM users who plan to upgrade to Gateway version 10.0 CR 3 or higher MUST upgrade their nShield client to version 12.60.11.
nShield HSM users that require their nShield HSM to run in FIPS mode are advised
NOTto upgrade to Gateway version 10.0 CR 3 per this Known Issue.
Layer7 API Gatewaydoes not currently support AES-GCM when using an nShield Hardware Security Module with a custom FIPS level 3 security world.
The instructions provided on this site rely on configuration from Entrust and may change without notice. For complete instructions on the nShield Solo and the nShield Connect, refer to the user documentation from nCipher: www.entrust.com/
The acquisition and compilation of the nShield driver provided by nShield is at Customer's sole discretion and entirely subject to the terms of that third-party provider.