为 AWS CloudHSM 客户端 SDK 3 安装开放式SSL动态引擎 - AWS CloudHSM

本文属于机器翻译版本。若本译文内容与英语原文存在差异,则一律以英文原文为准。

为 AWS CloudHSM 客户端 SDK 3 安装开放式SSL动态引擎

以下步骤介绍如何为 Open SSL with Client SDK 3 安装和配置 AWS CloudHSM 动态引擎。有关升级的信息,请参阅 升级客户端 SDK 3

安装和配置 Open SSL 引擎
  1. 使用以下命令下载并安装 Open SSL 引擎。

    Amazon Linux
    $ wget https://s3.amazonaws.com/cloudhsmv2-software/CloudHsmClient/EL6/cloudhsm-client-dyn-latest.el6.x86_64.rpm
    $ sudo yum install ./cloudhsm-client-dyn-latest.el6.x86_64.rpm
    Amazon Linux 2
    $ wget https://s3.amazonaws.com/cloudhsmv2-software/CloudHsmClient/EL7/cloudhsm-client-dyn-latest.el7.x86_64.rpm
    $ sudo yum install ./cloudhsm-client-dyn-latest.el7.x86_64.rpm
    CentOS 6
    $ wget https://s3.amazonaws.com/cloudhsmv2-software/CloudHsmClient/EL6/cloudhsm-client-dyn-latest.el6.x86_64.rpm
    $ sudo yum install ./cloudhsm-client-dyn-latest.el6.x86_64.rpm
    CentOS 7
    $ wget https://s3.amazonaws.com/cloudhsmv2-software/CloudHsmClient/EL7/cloudhsm-client-dyn-latest.el7.x86_64.rpm
    $ sudo yum install ./cloudhsm-client-dyn-latest.el7.x86_64.rpm
    RHEL 6
    $ wget https://s3.amazonaws.com/cloudhsmv2-software/CloudHsmClient/EL6/cloudhsm-client-dyn-latest.el6.x86_64.rpm
    $ sudo yum install ./cloudhsm-client-dyn-latest.el6.x86_64.rpm
    RHEL 7
    $ wget https://s3.amazonaws.com/cloudhsmv2-software/CloudHsmClient/EL7/cloudhsm-client-dyn-latest.el7.x86_64.rpm
    $ sudo yum install ./cloudhsm-client-dyn-latest.el7.x86_64.rpm
    Ubuntu 16.04 LTS
    $ wget https://s3.amazonaws.com/cloudhsmv2-software/CloudHsmClient/Xenial/cloudhsm-client-dyn_latest_amd64.deb
    $ sudo apt install ./cloudhsm-client-dyn_latest_amd64.deb

    Open SSL 引擎安装在/opt/cloudhsm/lib/libcloudhsm_openssl.so

  2. 使用以下命令设置名为 n3fips_password 的环境变量,该变量包含加密用户 (CU) 的凭证。

    $ export n3fips_password=<HSM user name>:<password>