Installing the software

This chapter describes how to install the Security World Software on the computer, client, or RFS associated with your nShield HSM.

After you have installed the software, you must complete further Security World creation, configuration and setup tasks before you can use your nShield environment to protect and manage your keys. See the nShield 5c User Guide for more about creating a Security World and the appropriate Card Sets, and further configuration or setup tasks.

If you are planning to use an nToken with a client, this should be physically installed in the client before installing the Security World software, see the nToken Installation Guide.

Installing the Security World Software on Windows

For information about configuring silent installations and uninstallations on Windows, see the nShield 5c User Guide

For a regular installation:

  1. Log in as Administrator or as a user with local administrator rights.

    If the Found New Hardware Wizard appears and prompts you to install drivers, cancel this notification, and continue to install the Security World Software as normal. Drivers are installed during the installation of the Security World Software.

  2. Place the Security World Software installation media in the optical disc drive.

  3. Launch setup.msi manually when prompted.

  4. Follow the onscreen instructions.

  5. Accept the license terms and select Next to continue.

  6. Specify the installation directory and select Next to continue.

  7. Select all the components required for installation.

    By default, all components are selected. Use the drop-down menu to deselect the components that you do not want to install. nShield Hardware Support and Core Tools are necessary to install the Security World Software.

    See Software packages on the Security World software installation media for more about the component bundles and the additional software supplied on your installation media.

  8. Select Install.

    The selected components are installed in the chosen installation directory. The installer creates links to the following nShield Cryptographic Service Provider (CSP) setup wizards as well as remote management tools under the Windows Start menu: Start > Entrust nShield Security World:

    • If nShield CSPs (CAPI, CNG) was selected: 32bit CSP install wizard, which sets up CSPs for 32-bit applications.

    • If nShield CSPs (CAPI, CNG) was selected: 64bit CSP install wizard, which sets up CSPs for 64-bit applications.

    • If nShield CSPs (CAPI, CNG) was selected: CNG configuration wizard, which sets up the CNG providers.

    • If nShield Java was selected: KeySafe, which runs the key management application.

    • If nShield Remote Administration Client Tools was selected: Remote Administration Client, which runs the remote administration client.

    If selected, the SNMP agent will be installed, but will not be added to the Services area in Control PanelAdministrative Tools of the target Windows machine. If you wish to install the SNMP agent as a service, please consult the SNMP monitoring agent section in the nShield 5c User Guide.

  9. Select Finish to complete the installation.

    The following global variables are set upon install:

    • %NFAST_CERTDIR%

    • %NFAST_HOME%

    • %NFAST_KMDATA%

    • %NFAST_LOGDIR%

Installing the Security World Software on Linux

In the following instructions, disc-name is the name of the mount point of the installation media.

  1. Log in as a user with root privileges.

  2. Place the installation media in the optical disc drive, and mount the drive.

  3. Open a terminal window, and change to the root directory.

  4. Extract the required .tar files to install all the software bundles by running commands of the form:

    tar xf disc-name/linux/ver/<file>.tar.gz

    In this command, ver is the architecture of the operating system (for example, i386 or amd64), and file.tar is the name of a .tar.gz file for that component.

    See Software packages on the Security World software installation media for more about the component bundles and the additional software supplied on your installation media.

  5. Run the install script by using the following command:

    /opt/nfast/sbin/install

  6. Log in to your normal account.

  7. Add /opt/nfast/bin to your PATH system variable:

    • If you use the Bourne shell, add these lines to your system or personal profile:

      PATH=/opt/nfast/bin:$PATH
export PATH

    • If you use the C shell, add this line to your system or personal profile:

      setenv PATH /opt/nfast/bin:$PATH