Install the YubiHSM 2 Tools and Software
To complete the procedures in this guide, install the YubiHSM 2 tools and software that will be needed for this.
A generic prompt,
*$*, is used in command line examples in this document. Depending on your command line application, your prompt may be different.
Unzip the downloaded archives of the SDK containing the YubiHSM libraries and tools and move the contents to an appropriate location.
On your Windows system, run both installers:
Set the ADCS service dependency for the YubiHSM Connector service via an elevated/admin Windows Command Prompt. This prevents an error which occurs if the ADCS services starts before the YubiHSM connector is running.
About the YubiHSM Software
The following YubiHSM pieces of software are used in this guide. They are included as part of the archive file you downloaded from the Yubico Knowledge Base.
Default YubiHSM 2 Default Device Configuration
The YubiHSM 2 device comes with a single factory-installed authentication key whose default password is
password. As part of the configuration in this guide, this default authentication key will be destroyed. If the YubiHSM 2 is reset to its default configuration, any non factory-installed objects stored on it are also destroyed. Reset instructions can be found in Factory Reset.
To ensure that the YubiHSM 2 has not been tampered with, verify that it still has the default configuration by following the steps below:
Do one of the following:
For testing or debugging the YubiHSM Connector, the flag
To gain shell access to the YubiHSM 2, launch the YubiHSM Shell program by opening a Command Prompt and running the command
$ yubihsm-shell --connector http://192.168.100.252:12345
For testing or debugging the YubiHSM Shell, the flag
To connect to the YubiHSM 2, at the
To open a session with the YubiHSM 2, type
Type in the default password:
You now have an administrative connection to the YubiHSM 2 and you can list the objects available by typing
id: 0x0001, type: authentication-key, sequence: 0
To exit, type