Scenarios: Using the CNM and the CNI utilities

Edit online

This section describes using the CCA Node Management (CNM) utility and the CCA Node Initialization (CNI) utility to create a node and clone it to another coprocessor.

The usage of the utilities is illustrated in the scenarios, which includes:
  1. Creating a test node to be used to develop applications or establish procedures for using the CNM utility. First time users should follow this procedure to begin experimentation with the utility and the coprocessor.
  2. Creating nodes for a production environment using key parts. This scenario employs CNI lists to automate establishment of target production nodes.
  3. Cloning a master key from one coprocessor to another coprocessor. This is a procedure of interest to high security installations that employ multiple coprocessors.
The purpose of the scenarios is to illustrate how the procedures described here can be used. Where appropriate, a scenario refers to other sections of this topic collection with more detailed information.

If you are not familiar with the coprocessors's CCA access control system, see Access control overview and Initial state of the access control system. Here you can find an explanation of terms such as role initial DEFAULT role, and user profile. The scenarios assume that the access-control system is in its initial state.

Note: These scenarios are instructional only. You are encouraged to determine the procedures best suited for your specific environment. Refer to the appendix about secure operations in the IBM CCA Basic Services Reference and Guide for the IBM® 4765 PCIe and 4764 PCI-X Cryptographic Coprocessors.