Installing HAT
Prerequisites
Java Runtime Environment
A Java Runtime Environment (JRE) version 1.5 (or newer) with "Unlimited Strength Java(TM) Cryptography Extension Policy Files" installed is a prerequisite for running HAT.
HSM with PKCS#11 driver
An appropriate PKCS#11 driver needs to be installed for HAT to be able to communicate with the HSM. Remember to set any environment variables as required by the HSM vendor.
Examples of vendor specific PKCS#11 adapters:
- SafeNet Luna SA v3.1 (PKCS#11 driver: cryptoki.dll)
- SafeNet Luna PCI-7000 (PKCS#11 driver: cryptoki.dll)
- SafeNet Luna SA v3.1 (PKCS#11 driver: libCryptoki2_64.so)
Installation
Copy the HAT distribution ZIP file to the machine you want to run HAT from. Unpack the ZIP file, and you should end up with a HAT directory structure similar to the one shown in the figure below (actual file names may vary).
You will most likely need to configure the runHAT scripts to suit your environment. Detailed description of your configuration options follow in the next few chapters.
Configuring the runHAT scripts
The script used to run HAT is called runHAT.bat for the Windows environment and runHAT.sh for the UNIX environments. The listing below shows a sample script for the UNIX environment:
|
The environment properties in BOLD must be edited.
- Set JAVA_HOME to the java installation directory, and make sure the line is not commented out.
- Set –charset parameter to the character encoding of your command line shell to enable correct interpretation of non-English characters.
The environment properties in ITALIC may optionally be edited.
- Set HAT_JAR to the location of the HAT JAR file
- Set HAT_LIB to the directory where the Bouncy Castle provider libraries are located.
Configuring the logfile
HAT uses Log4J for logging purposes. The log4j.properties file in the props directory must be edited. Replace <DIR WITH ACCESS RIGHTS> with the path to a directory where HAT has write access rights.
|