Problems during installation and commissioning
PCIe HSMs
If problems are encountered when installing or commissioning an nShield HSM which prevent services from starting it will not be possible to use any of the debugging and logging tools described in Checking the installation
In this situation the command hsmdiagnose may help identify network and hardware issues that are preventing the system from starting.
This command requires root privileges on Linux and the privileges of the built-in local Administrators group on Windows.
hsmdiagnoseThe command takes no parameters:
When the command is executed it will run a series of diagnostics tests and store the results in a file on the client PC. The information in the file is primarily intended for use by Entrust Support but you may be able to use the information to diagnose the issue yourself. If you are unable to do so, contact Entrust Support and send them a copy of the results file.
In a multi-tenant system, a number of failures are expected depending on the role of the user who is
running the test. hsmdiagnose is intended for use by the service provider, and when run by such a user
an error similar to the following is expected because they have no ncoreapi service available to them.
FAILED: Hardserver not connected to module XXXX-XXXX-XXXX
1 test failed.The tool is not intended for use by tenants, but if run by such a user, a number of errors related to the device driver and network interfaces similar to the following are expected.
FAILED: No nShield 5s devices found
FAILED: No customer built nShield 5s device driver found in /opt/nfast/driver-nshield5
FAILED: nShield 5s startup script not installed, may be because no devices were found
FAILED: nShield 5s device driver kernel module nshield5_net not loaded
FAILED: No nShield 5s network interfaces found
5 tests failed.