Prerequisites Step 1: Stop the client daemon Step 2: Upgrade the client SDK Step 3: Start the client daemon

Upgrading Client SDK 3 on Linux

With AWS CloudHSM Client SDK 3.1 and higher, the version of the client daemon and any components you install must match to upgrade. For all Linux-based systems, you must use a single command to batch upgrade the client daemon with the same version of the PKCS #11 library, the Java Cryptographic Extension (JCE) provider, or the OpenSSL Dynamic Engine. This requirement does not apply to Windows-based systems because the binaries for the CNG and KSP providers are already included in the client daemon package.

On a Red Hat-based Linux system (including Amazon Linux and CentOS), use the following command:
```
rpm -qa | grep ^cloudhsm
```
On an Debian-based Linux system, use the following command:
```
apt list --installed | grep ^cloudhsm
```
On a Windows system, use the following command:
```
wmic product get name,version
```

Prerequisites
Step 1: Stop the client daemon
Step 2: Upgrade the client SDK
Step 3: Start the client daemon

Prerequisites

Download the latest version of AWS CloudHSM client daemon and choose your components.

Note

You do not have to install all the components. For every component you have installed, you must upgrade that component to match the version of the client daemon.

Latest Linux client daemon

Latest PKCS #11 library

Latest OpenSSL Dynamic Engine

Latest JCE provider

Step 1: Stop the client daemon

Use the following command to stop the client daemon.

Step 2: Upgrade the client SDK

The following command shows the syntax required to upgrade the client daemon and components. Before you run the command, remove any components you don't intend to upgrade.

Amazon Linux


$ sudo yum install ./cloudhsm-client-latest.el6.x86_64.rpm \
              <./cloudhsm-client-pkcs11-latest.el6.x86_64.rpm> \
              <./cloudhsm-client-dyn-latest.el6.x86_64.rpm> \
              <./cloudhsm-client-jce-latest.el6.x86_64.rpm>

Amazon Linux 2


$ sudo yum install ./cloudhsm-client-latest.el7.x86_64.rpm \
              <./cloudhsm-client-pkcs11-latest.el7.x86_64.rpm> \
              <./cloudhsm-client-dyn-latest.el7.x86_64.rpm> \
              <./cloudhsm-client-jce-latest.el7.x86_64.rpm>

CentOS 7


$ sudo yum install ./cloudhsm-client-latest.el7.x86_64.rpm \
              <./cloudhsm-client-pkcs11-latest.el7.x86_64.rpm> \
              <./cloudhsm-client-dyn-latest.el7.x86_64.rpm> \
              <./cloudhsm-client-jce-latest.el7.x86_64.rpm>

CentOS 8


$ sudo yum install ./cloudhsm-client-latest.el8.x86_64.rpm \
              <./cloudhsm-client-pkcs11-latest.el8.x86_64.rpm> \              
              <./cloudhsm-client-jce-latest.el8.x86_64.rpm>

RHEL 7


$ sudo yum install ./cloudhsm-client-latest.el7.x86_64.rpm \
              <./cloudhsm-client-pkcs11-latest.el7.x86_64.rpm> \
              <./cloudhsm-client-dyn-latest.el7.x86_64.rpm> \
              <./cloudhsm-client-jce-latest.el7.x86_64.rpm>

RHEL 8


$ sudo yum install ./cloudhsm-client-latest.el8.x86_64.rpm \
              <./cloudhsm-client-pkcs11-latest.el8.x86_64.rpm> \
              <./cloudhsm-client-jce-latest.el8.x86_64.rpm>

Ubuntu 16.04 LTS


$ sudo apt install ./cloudhsm-client_latest_amd64.deb \
              <cloudhsm-client-pkcs11_latest_amd64.deb> \
              <cloudhsm-client-dyn_latest_amd64.deb> \
              <cloudhsm-client-jce_latest_amd64.deb>

Ubuntu 18.04 LTS


$ sudo apt install ./cloudhsm-client_latest_u18.04_amd64.deb \
              <cloudhsm-client-pkcs11_latest_amd64.deb> \
              <cloudhsm-client-jce_latest_amd64.deb>

Step 3: Start the client daemon

Use the following command to start the client daemon.

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

Supported platforms

PKCS #11 library