Prerequisites and Preparations
The audience of this document is an experienced system administrator with a good understanding of Microsoft SQL Server management. In addition, it is helpful to be familiar with the terminology, software and tools specific to YubiHSM 2. As a primer for these, refer to the Terminology.
In order to follow the steps provided in this guide, the following prerequisites must be met:
Microsoft Windows Server 2022 or higher, with Microsoft .NET Framework 4.8 or higher. The operating system should be installed in a secure computer network. The system administrator must also have elevated system privileges.
Access to Microsoft SQL Server 2019 with SQL Server Management Studio (SSMS) 2018 or higher.
YubiHSM 2 software and tools for Windows downloaded from the Yubico YubiHSM 2 Release page and available on the system to be used.
The 32-bit version of the YubiHSM KSP DLL is needed for use with SSMS.
Two (2) YubiHSM 2 devices, one for deployment and one for backup in hardware.
Your organization policies may require key custodians to be available for the YubiHSM 2 deployment. For more information about key custodians and the associated
M of Nkey shares, see “Understanding Key Splitting and Key Custodians” in the YubiHSM 2 with Key Storage Provider for Windows Server guide.
Configuration for this Integration
For the integration described in this guide, the following hardware and software configuration was used:
- Microsoft Windows Server 2022.
- Microsoft .NET Framework 4.8.
- Microsoft SQL Server 2019.
- Microsoft SQL Server Management Studio (SSMS) 2018.
- Yubico YubiHSM v 2.1.2.
- Yubico YubiHSM software tools v 2021.12c. In particular, the 32-bit YubiHSM KSP DLL is needed for use with SSMS (which is a 32-bit application).