Transitioning between HSM States via payShield Manager
payShield Manager allows the user to transition between the payShield states. This is done using the State button at the bottom right corner of the payShield Manager screen.
The allowed state transitions are based on the type of users logged in.
For example:
- If only a left or only a right RACC are logged into the HSM, then the available states are Online and Offline.
- If at least one left and one right RACC are logged into the HSM, then all three state transitions are allowed.
Online : In Online state, the HSM permits communication with a Host computer system by way of the HSM’s Host port.
Offline : In Offline state, the HSM prevents communication with the Host computer system. Usually, this state is required when changing configuration parameters.
Secure : In Secure state, the HSM prevents communication with the Host computer system. This state is required for certain highly sensitive functions (for example, generating or loading LMKs into the HSM).
Switching to Online or Offline State : To switch the HSM into the Online or Offline state, simply click the appropriate option from the State button’s menu list.
Switching to Secure State : Switching the HSM into its Secure state requires one left and one right RACC (both belonging to the HSM in which you wish to switch to secure state) to be authenticated.
Assuming you logged in with a left RACC, you would simply have to login the right RACC before the State button would present the option to move to the “Secure” state.