Validating nCipher Security World

To validate that the security world environment is properly created, complete the following steps.

1. Run the following command:

   
   /opt/nfast/bin/nfkminfo
   

   The expected output must be the following, with Usable indicating proper validation:

   
   World
     generation  #
     state       0x17270000 Initialised Usable ...
     ...
   Module #1
     generation  #
     state      0x2 Usable
   

2. For more information about adding SSL keys to the nCipher Security World keystore, review the instructions for using the following command:

   
   /opt/nfast/bin/generatekey
   

   The output of this command is a .pem reference SSL key. This key must be converted to the .ptl format that is used by the PCA.

3. To convert the reference key file to .ptl key, use the following command:

   
   tealeaf pem2ptl <nCipherReference>.pem
   

4. The newly created PCA .ptl keys can now be explicitly loaded into the PCA:
   • Manually: See SSL key management.
   • Automatically: Load the keys into the default directory:

     
     /usr/local/ctccap/etc/capturekeys 
     

     Note: You must create the directory and enable the proper access permissions. See SSL key management.
   The .ptl keys are loaded for use by the PCA.