Installing Entrust nShield packages
The Entrust nShield packages are provided as TAR archive files. As such, you need to unpack these packages and install them on the OneSpan Authentication Server host.
To unpack and install the required Entrust nShieldpackages
- Open a terminal window.
-
Log in as root:
su -
-
Change to the root folder:
cd /
-
Unpack the Entrust nShield Hardware Support package from the Entrust nShield software CD provided with your HSM:
tar -xvf path_to_media/linux/amd64/hwsp.tar.gz
-
Unpack the Entrust nShield Core Tools package from the same CD:
tar -xvf path_to_media/linux/amd64/ctls.tar.gz
-
Unpack the Entrust nShield Java package (containing the KeySafe tool) from the same CD:
tar -xvf path_to_media/linux/amd64/javasp.tar.gz
-
If required, add an environment variable definition for JDK_HOME to /etc/profile:
export JDK_HOME=jdk_installdir
where jdk_installdir is the installation folder of the Java Development Kit (JDK) depending on your Java installation, e.g. /usr/lib/jvm/java-1.8.0-openjdk-1.8.0.352.b08-2.el8_7.x86_64/jre. This ensures that the KeySafe tool can find the Java libraries.
-
Run the server installation script:
/opt/nfast/sbin/install
By default, the server installation script will also configure the hardserver to start on boot. For more information about hardserver configuration, see Configuring and launching the hardserver.
-
(OPTIONAL) To allow easier execution of the Entrust nShield utilities, add the following line to the your shell environment profile (either via .bashrc or .profile):
export PATH=$PATH:/opt/nfast/bin
If you are using an Entrust nShield Solo, you must build and install a kernel driver for it. You can do so after unpacking the required Entrust nShield packages.
To build and install the nFast kernel driver (if required)
- Open a terminal window and log in as root.
-
Change to the folder with the the required nFast driver:
cd /opt/nfast/driver
-
Run the following commands to build the driver:
./configure
make
This builds a driver file that is automatically loaded.