Applies To
Venafi TLS Protect Datacenter when a Hardware Security Module is in use
Problem
When installing Venafi TLS Protect to an existing environment with HSM software installed on the server, the following error message can appear:
Failed to pre-start the Venafi Framework (KeyStore subsystem); error: Unable to start the sub-system "Keystore"; error: Failed to load PKCS11 KeyStorage driver (DN: \VED\Encryption\{Name of HSM Object}). Error: The specified module could not be found [4294967295]
Cause
This error occurs when the TLS Protect server is looking for the HSM .dlls that are used in the rest of the environment but are not appearing where it is expected.
Resolution
When adding additional servers to an environment that utilizes an HSM, the HSM software needs to be installed in the same exact directory as the other servers. Also the slot and serial information on the HSM needs to match the rest of the environment or else this error will appear.
Comments