User guide

CHAPTER 14

HSM Firmware

•

Upgrading the HSM Firmware on page 55

Upgrading the HSM Firmware

Some system software upgrades may also require firmware updates. Typically, firmware

upgrades occur during the boot process. After the system software updates, the serial

console prompts you for the keystore restore password before upgrading the HSM’s

firmware. If you do not remember the password, you have the option of upgrading the

firmware at a later date using the serial console. Note that the web server may not function

properly if the firmware upgrade is required and is not updated.

To upgrade the firmware using the serial console:

1. Click System > Clustering > Cluster Status tab in the admin console and wait for the

node to be in the “FIPS disassociated” state.

2. Open a serial console and enter 9 to select the FIPS option.

3. Enter 6 to select Load Firmware.

NOTE: The SA Series FIPS appliance is said to be in a disassociated state

when the key store state in the cache and on disk are different. As a security

measure, you cannot load firmware when the appliance is in a disassociated

state. The option is disabled. To resolve a disassociated state, connect to

the serial console and reload the FIPS keystore database (Option 9 >

Sub-option 1).

Documentation

• FIPS Overview on page 9