Cloudera Navigator Key HSM is a universal hardware security module (HSM) driver that
translates between the target HSM platform and Cloudera Navigator Key Trustee Server. Navigator
Key HSM allows you to use a Key Trustee Server to securely store and retrieve encryption keys
and other secure objects, without being limited solely to a hardware-based platform.
-
Set up the Key HSM repository.
Download the Key HSM tarball and create a local Key HSM repository with the files from
the tarball.
You must create an internal repository to install Cloudera Navigator Key HSM. For
instructions on creating internal repositories, see Configuring a Local Package Repository.
-
Install the Key HSM repository.
Add the local Key HSM repository you created earlier. See Configuring a Local Package Repository for more
information.
Run the following command to import the GPG
key:
$ sudo rpm --import http://repo.example.com/path/to/RPM-GPG-KEY-cloudera
-
Install the CDH repository.
Key Trustee Server and Key HSM depend on the
bigtop-utils
package,
which is included in the CDH repository. For instructions on adding the CDH repository,
see
Configuring a Local Package Repository.
-
Install Navigator Key HSM.
Run the following command to install the Navigator Key HSM
package:
sudo yum install keytrustee-keyhsm
Cloudera Navigator Key HSM is installed to the
/usr/share/keytrustee-server-keyhsm
directory by default.