Follow

Failed to Load PKCS11 Keystorage Driver

Applies To

Venafi TLS Protect Datacenter when a Hardware Security Module is in use

 

Problem

When installing Venafi TLS Protect to an existing environment with HSM software installed on the server, the following error message can appear:

Failed to pre-start the Venafi Framework (KeyStore subsystem); error: Unable to start the sub-system "Keystore"; error: Failed to load PKCS11 KeyStorage driver (DN: \VED\Encryption\{Name of HSM Object}). Error: The specified module could not be found [4294967295]
Screenshot_2023-05-01_at_12.52.40_PM.png

 

Cause

This error occurs when the TLS Protect server is looking for the HSM .dlls that are used in the rest of the environment but are not appearing where it is expected.

 

Resolution

When adding additional servers to an environment that utilizes an HSM, the HSM software needs to be installed in the same exact directory as the other servers. Also the slot and serial information on the HSM needs to match the rest of the environment or else this error will appear.

Was this article helpful?
0 out of 0 found this helpful

Comments