User's Manual
Configuring Your System to Use Hardware Security Modules
7-50 Oracle Database Advanced Security Administrator's Guide
■ (UNIX) /opt/nfast
■ (Windows) C:\nfast
The nCipher PKCS #11 library is located at the following file system directory
locations for typical installations:
■ (UNIX 32 bit): /opt/nfast/toolkits/pkcs11/libcknfast.so
■ (UNIX 64 bit): /opt/nfast/toolkits/pkcs11/libcknfast-64.so
■ (Windows): C:\nfast\toolkits\pkcs11\cknfast.dll
Troubleshooting Using Hardware Security Modules
To detect whether the module is being used, you can turn on Oracle Net tracing. If
the wallet contains PKCS #11 information and the private key on the module is
being used, then you will see the following entries in the Oracle Net tracing file
without error messages logged between entry and exit:
nzpkcs11_Init: entry
nzpkcs11CP_ChangeProviders: entry
nzpkcs11CP_ChangeProviders: exit
nzpkcs11GPK_GetPrivateKey: entry
nzpkcs11GPK_GetPrivateKey: exit
nzpkcs11_Init: exit
...
nzpkcs11_Decrypt: entry
nzpkcs11_Decrypt: exit
nzpkcs11_Sign: entry
nzpkcs11_Sign: exit
Note: Use the 32-bit library version when using the 32-bit release
of Oracle Database and use the 64-bit library version when using
the 64-bit release of Oracle Database. For example, use the 64-bit
nCipher PKCS #11 library for the Oracle Database for Solaris
Operating System (SPARC 64-bit).
See Also: Oracle Net Services Administrator's Guide for information
about setting tracing parameters to enable Oracle Net tracing