Prerequisites and Preparations

The audience of this document is an experienced system administrator with a good understanding of Microsoft SQL Server management. In addition, it is helpful to be familiar with the terminology, software and tools specific to YubiHSM 2. As a primer for these, refer to the Terminology.

In order to follow the steps provided in this guide, the following prerequisites must be met:

  • Microsoft Windows Server 2022 or higher, with Microsoft .NET Framework 4.8 or higher. The operating system should be installed in a secure computer network. The system administrator must also have elevated system privileges.

  • Access to Microsoft SQL Server 2019 with SQL Server Management Studio (SSMS) 2018 or higher.

  • YubiHSM 2 software and tools for Windows downloaded from the Yubico YubiHSM 2 Release page and available on the system to be used.

    Note

    The 32-bit version of the YubiHSM KSP DLL is needed for use with SSMS.

  • Two (2) YubiHSM 2 devices, one for deployment and one for backup in hardware.

  • Your organization policies may require key custodians to be available for the YubiHSM 2 deployment. For more information about key custodians and the associated M of N key shares, see “Understanding Key Splitting and Key Custodians” in the YubiHSM 2 with Key Storage Provider for Windows Server guide.

Configuration for this Integration

For the integration described in this guide, the following hardware and software configuration was used:

  • Microsoft Windows Server 2022.
  • Microsoft .NET Framework 4.8.
  • Microsoft SQL Server 2019.
  • Microsoft SQL Server Management Studio (SSMS) 2018.
  • Yubico YubiHSM v 2.1.2.
  • Yubico YubiHSM software tools v 2021.12c. In particular, the 32-bit YubiHSM KSP DLL is needed for use with SSMS (which is a 32-bit application).