Note: The information in this section is specific to the POWER-based platform.
The PKCS #11 subsystem provides applications a method for accessing hardware devices (tokens) in a device neutral manner. The content in this document conforms to Version 2.01 of the PKCS #11 standard.
This subsystem has been implemented using three components:
The IBM 4758 Model 2 Cryptographic Coprocessor provides a secure computing environment. Before attempting to configure the PKCS #11 subsystem, verify that the adapter has been properly configured with a supported microcode.
The PKCS #11 subsystem is designed to automatically detect adapters capable of supporting PKCS #11 calls during installation and at reboot. For this reason, any IBM 4758 Model 2 Cryptographic Coprocessor which is not properly configured will not be accessible from the PKCS #11 interface and calls sent to the adapter will fail. Complete the following to verify that your adapter is set up correctly:
lsdev -Cc adapter | grep crypt
If the IBM 4758 Model 2 Cryptographic Coprocessor does not show in the resulting list, check that the card is seated properly and that the supporting software is correctly installed.
csufclu /tmp/l ST device_number_minor
Verify that the Segment 3 Image has the PKCS #11 Application loaded. If it is not loaded refer to the adapter specific documentation to obtain the latest microcode and installation instructions.
Note: If this utility is not available, then the supporting software has not been installed.