So I installed a Net HSM and a Windows Server 2008 R2 machine. I wanted to achieve two goals:
(1) Using the a Net HSM (aka enrolling)
(2) Use the HSM to support OpenSSL/MSCAPI at the same time
Update: I am using Windows 7 Enterprise for the client, using version 11.11 of the nCipher tools on both machines.
This was rather obvious, use the IP address of the server so that the nFast server connects to that remote server. I will use CLIENT as the name of the client machine and SERVER as the Net HSM installed on the network.
nethsmenroll.exe -p -V [IP]
rfs-sync .exe --setup --no-authenticate [IP]
I used the Andrea Campi's great blog post as a starting point for this, so some of the credit goes to him.
The few differences found are subtle but definitely very important.
OpenSSL 0.9.8e 23 Feb 2007
openssl.exe engine -t chil
(chil) CHIL hardware engine support
[ available ]