Loading the private key identifiers in SWG UI
For the SWG to use the keys within the Fortanix DSM, we must enumerate the available keys in the UI.
Steps to be followed
- Go to Configuration > Hardware Security Module
- Select Start local HSM server.
- Select Fortanix DSM (from. Fortanix) from the Crypto Module dropdown menu.
- click Set button to enter the Fortanix DSM API key
- Enter the Fortanix DSM API Key as a Password and click OK.
Fortanix DSM API Key is set, select Change to modify key.
- Select the + icon to add the Key as a string.
- The format for adding the keys is
<engine-label>:<pkcs11-URI>
- Here the engine-label is “pkcs11”. This label informs SWG that these are pkcs11 keys.
- Enter the Key as a string using the below format:
pkcs11:pkcs11:object=<Key>
The value of ‘Key’ will change as per the Key label name created in Fortanix DSM.