HSM Parallelism Enablement Procedure

Enabling parallelism for a certificate key managed in a Hardware Security Module (HSM) requires optimizing key usage while ensuring secure operations. Follow the detailed procedure below for enabling:
Note: This is applicable only to Fortanix HSM. Support for other HSM vendors will be included in upcoming release.

DB Script Execution

Execute the following command:
db.hsmParallelismDetails.insertOne({
    "code": "HSMParallelProcessEnabled",
    "hsmParallelismEnabled": true
})

Post-Upgrade Steps for CC in SaaS Environments:

  1. Navigate to the Tools Directory:
    1. Access the Cloud Connector installation directory.
    2. Then, navigate to deps -> tools.
  2. Check Running Pods:
    1. Execute the following command to list all the pods in the cc namespace: 
      ./k3s kubectl get pods -n cc
  3. Identify and Edit the Relevant Pod:
    1. Identify the pod that starts with "avx-mid-server-platform".
    2. Use the identified pod name to execute the following command to edit the deployment: 
      ./k3s kubectl edit deploy avx-mid-server-platform -n cc
  4. Modify the Configuration:
    1. Within the opened file, find the line: 
      -Davx_property_file_path=/appviewx/dependencies/properties/appviewx.properties
    2. Add the following line immediately after this one (without the double quotes): 
      -DHSM_PARALLEL_ENABLED=TRUE
  5. Save the Changes:
    1. Press I to enter insert mode and make the required changes.
    2. After making the changes, press Esc and type :wq to save and exit the editor.
  6. Verify the Changes:
    1. Execute the following command to monitor the pod status and ensure that the server comes back online: 
      ./k3s kubectl get pods -n cc -w

Post-Upgrade Steps for Plugins/Installation of AppViewX in On-Prem Environments:

  1. Navigate to the Tools Directory:
    1. Go to the installation directory of the AppViewX.
  2. Check Running Pods:
    1. Execute the following command to list all the pods in the configured namespace: 
      kubectl get pods -n <namespace>
  3. Identify and Edit the Relevant Pod:
    1. Identify the pod that starts with "avx-platform-hsm".
    2. Use the identified pod name to execute the following command to edit the deployment: 
      kubectl edit deploy avx-platform-hsm -n <namespace>
  4. Modify the Configuration:
    1. Within the opened file, find the line: 
      -Davx_property_file_path=/appviewx/dependencies/properties/appviewx.properties
    2. Add the following line immediately after this one (without the double quotes): 
      -DHSM_PARALLEL_ENABLED=TRUE
  5. Save the Changes:
    1. Press I to enter insert mode and make the required changes.
    2. After making the changes, press Esc and type :wq to save and exit the editor.
  6. Verify the Changes:
    1. Execute the following command to monitor the pod status and ensure that the server comes back online: 
      kubectl get pods -n <namespace> -w