Integrating Key HSM with Key Trustee Server

After importing the certificate from Key Trustee Server, configure Key HSM to trust it. On the Key HSM server, run the following command:
$ sudo keyhsm trust /path/to/key_trustee_server/cert
To configure Key Trustee Server to integrate with Key HSM:
  1. Make sure that the Key HSM service is running. Run the following command on the Key HSM host:
    $ sudo service keyhsm start
  2. On the Key Trustee Server, run the following command:
    $ sudo ktadmin keyhsm --server<port> --trust
  3. Restart the Key Trustee Server service:
    • Using Cloudera Manager: Key Trustee Server service > Actions > Restart
    • Using the command line:
      $ sudo service keytrusteed restart