The audience of this document is an experienced system administrator with a good understanding of Microsoft SQL Server management. In addition, it is helpful to be familiar with the terminology, software and tools specific to YubiHSM 2. As a primer for these, refer to the Terminology chapter.
In order to follow the steps provided in this guide, the following prerequisites must be met:
Microsoft Windows Server 2012 SP2 or higher, with Microsoft .NET Framework 4.7.2 or higher. The operating system should be installed in a secure computer network. The system administrator must also have elevated system privileges.
Access to Microsoft SQL Server 2017 with SQL Server Management Studio (SSMS) 2017 or higher.
YubiHSM 2 software and tools for Windows downloaded from the Yubico YubiHSM 2 Release page and available on the system to be used.
Note
|
The 32-bit version of the YubiHSM KSP DLL is needed for use with SSMS. |
Two (2) YubiHSM 2 devices, one for deployment and one for backup in hardware.
Your organization policies may require key custodians to be available for the YubiHSM 2 deployment. For more information about key custodians and the associated ‘M of N’ key shares, see "Understanding Key Splitting and Key Custodians" in "Prerequisites and Preparations" in the YubiHSM 2 Windows Deployment Guide.
For the integration described in this guide, the following hardware and software configuration was used:
Microsoft Windows Server 2012 SP2.
Microsoft .NET Framework 4.7.2.
Microsoft SQL Server 2017.
Microsoft SQL Server Management Studio (SSMS) 2018.
Yubico YubiHSM v 2.1.2.
Yubico YubiHSM software tools v TBD. In particular, the 32-bit YubiHSM KSP DLL is needed for use with SSMS (which is a 32-bit application).