Instalar o OpenSSL Dynamic Engine para o Client SDK 5 do AWS CloudHSM

Instalar e configurar o mecanismo dinâmico do OpenSSL

1. Use os seguintes comandos para fazer download e instalar o mecanismo OpenSSL.

   Amazon Linux 2023

   Instale o OpenSSL Dynamic Engine para Amazon Linux 2023 na arquitetura X86_64:

   $ wget https://s3.amazonaws.com/cloudhsmv2-software/CloudHsmClient/Amzn2023/cloudhsm-dyn-latest.amzn2023.x86_64.rpm

   $ sudo yum install ./cloudhsm-dyn-latest.amzn2023.x86_64.rpm

   Instale o OpenSSL Dynamic Engine para Amazon Linux 2023 na arquitetura: ARM64

   $ wget https://s3.amazonaws.com/cloudhsmv2-software/CloudHsmClient/Amzn2023/cloudhsm-dyn-latest.amzn2023.aarch64.rpm

   $ sudo yum install ./cloudhsm-dyn-latest.amzn2023.aarch64.rpm

   Amazon Linux 2

   Instale o OpenSSL Dynamic Engine para Amazon Linux 2 na arquitetura X86_64:

   $ wget https://s3.amazonaws.com/cloudhsmv2-software/CloudHsmClient/EL7/cloudhsm-dyn-latest.el7.x86_64.rpm

   $ sudo yum install ./cloudhsm-dyn-latest.el7.x86_64.rpm

   Instale o OpenSSL Dynamic Engine para Amazon Linux 2 na arquitetura: ARM64

   $ wget https://s3.amazonaws.com/cloudhsmv2-software/CloudHsmClient/EL7/cloudhsm-dyn-latest.el7.aarch64.rpm

   $ sudo yum install ./cloudhsm-dyn-latest.el7.aarch64.rpm

   RHEL 10 (10.0+)

   Instale o OpenSSL Dynamic Engine para RHEL 10 na arquitetura x86_64:

   $ wget https://s3.amazonaws.com/cloudhsmv2-software/CloudHsmClient/EL10/cloudhsm-dyn-latest.el10.x86_64.rpm

   $ sudo yum install ./cloudhsm-dyn-latest.el10.x86_64.rpm

   Instale o OpenSSL Dynamic Engine para RHEL 10 na arquitetura: ARM64

   $ wget https://s3.amazonaws.com/cloudhsmv2-software/CloudHsmClient/EL10/cloudhsm-dyn-latest.el10.aarch64.rpm

   $ sudo yum install ./cloudhsm-dyn-latest.el10.aarch64.rpm

   RHEL 9 (9.2+)

   Instale o OpenSSL Dynamic Engine para RHEL 9 na arquitetura X86_64:

   $ wget https://s3.amazonaws.com/cloudhsmv2-software/CloudHsmClient/EL9/cloudhsm-dyn-latest.el9.x86_64.rpm

   $ sudo yum install ./cloudhsm-dyn-latest.el9.x86_64.rpm

   Instale o OpenSSL Dynamic Engine para RHEL 9 na arquitetura: ARM64

   $ wget https://s3.amazonaws.com/cloudhsmv2-software/CloudHsmClient/EL9/cloudhsm-dyn-latest.el9.aarch64.rpm

   $ sudo yum install ./cloudhsm-dyn-latest.el9.aarch64.rpm

   RHEL 8 (8.3+)

   Instale o OpenSSL Dynamic Engine para RHEL 8 na arquitetura X86_64:

   $ wget https://s3.amazonaws.com/cloudhsmv2-software/CloudHsmClient/EL8/cloudhsm-dyn-latest.el8.x86_64.rpm

   $ sudo yum install ./cloudhsm-dyn-latest.el8.x86_64.rpm

   Instale o OpenSSL Dynamic Engine para RHEL 8 na arquitetura: ARM64

   $ wget https://s3.amazonaws.com/cloudhsmv2-software/CloudHsmClient/EL8/cloudhsm-dyn-latest.el8.aarch64.rpm

   $ sudo yum install ./cloudhsm-dyn-latest.el8.aarch64.rpm

   Ubuntu 24.04 LTS

   Instale o OpenSSL Dynamic Engine para Ubuntu 24.04 LTS na arquitetura x86_64:

   $ wget https://s3.amazonaws.com/cloudhsmv2-software/CloudHsmClient/Noble/cloudhsm-dyn_latest_u24.04_amd64.deb

   $ sudo apt install ./cloudhsm-dyn_latest_u24.04_amd64.deb

   Instale o OpenSSL Dynamic Engine para Ubuntu 24.04 LTS na arquitetura: ARM64

   $ wget https://s3.amazonaws.com/cloudhsmv2-software/CloudHsmClient/Noble/cloudhsm-dyn_latest_u24.04_arm64.deb

   $ sudo apt install ./cloudhsm-dyn_latest_u24.04_arm64.deb

   Ubuntu 22.04 LTS

   Instale o OpenSSL Dynamic Engine para Ubuntu 22.04 LTS na arquitetura X86_64:

   $ wget https://s3.amazonaws.com/cloudhsmv2-software/CloudHsmClient/Jammy/cloudhsm-dyn_latest_u22.04_amd64.deb

   $ sudo apt install ./cloudhsm-dyn_latest_u22.04_amd64.deb

   Instale o OpenSSL Dynamic Engine para Ubuntu 22.04 LTS na arquitetura: ARM64

   $ wget https://s3.amazonaws.com/cloudhsmv2-software/CloudHsmClient/Jammy/cloudhsm-dyn_latest_u22.04_arm64.deb

   $ sudo apt install ./cloudhsm-dyn_latest_u22.04_arm64.deb

   Você instalou a biblioteca compartilhada para o mecanismo dinâmico em /opt/cloudhsm/lib/libcloudhsm_openssl_engine.so.

2. Bootstrap do Client SDK 5. Para obter mais informações sobre ações de bootstrap, consulte Bootstrap o Client SDK.

3. Defina uma variável de ambiente com as credenciais de um usuário de criptografia (CU). Para obter informações sobre a criação CUs, consulteCrie um AWS CloudHSM usuário com o CloudHSM CLI.

   $ export CLOUDHSM_PIN=<HSM user name>:<password>

   nota

   O Client SDK 5 introduz a variável de CLOUDHSM_PIN ambiente para armazenar as credenciais do CU. No Client SDK 3, você armazena as credenciais do CU na variável de n3fips_password ambiente. O Client SDK 5 é compatível com as duas variáveis de ambiente, mas recomendamos o uso de CLOUDHSM_PIN.

   Ao definir variáveis de CLOUDHSM_PIN ambiente, você deve escapar de quaisquer caracteres especiais que possam ser interpretados pelo seu shell.

4. Conecte sua instalação do mecanismo dinâmico do OpenSSL ao cluster. Para obter mais informações, consulte Conexão com um cluster.

5. Bootstrap o Client SDK 5. Para obter mais informações, consulte Bootstrap o Client SDK.