Operation in WLD Mode

You must configure the Cryptoki Library to operate ProtectToolkit-C in WLD mode by editing the value of the ET_PTKC_GENERAL_LIBRARY_MODE environment variable. For more information about editing the value of this environment variable, refer to ProtectToolkit-C Configuration Items.

The HSM system appears to any application or utility operating in WLD mode as a collection of WLD virtual slots. The HSM physical slots are not accessible to applications or utilities operating in WLD mode.

While configuring the system, it is useful to configure WLD mode with a temporary configuration parameter first by entering set ET_PTKC_GENERAL_LIBRARY_MODE=WLD into a command prompt. Then, when configuration is stable, set the environment variable at the user or system configuration level.

It is possible to have some applications running in WLD mode and others running in NORMAL mode on the same platform. In this case, WLD mode will need to be set in both temporary environment variables and at either the user or system level appropriately. For example, if three applications are to operate in WLD mode and one application is to operate in NORMAL mode, then WLD mode should be set at the user or system level and NORMAL mode should be set in an environment variable operating in the context of the application using it.

If any changes need to be made to the system after configuration, the Library mode must be set to NORMAL so that the utilities can access the HSM slots directly.

To configure a basic WLD system across two ProtectServer Network HSMs with IP addresses 192.168.1.100 and 192.168.1.101, where the participating tokens are labeled "TokName", set these configuration items (seeConfiguration Items):

ET_PTKC_WLD_SLOT_0=TokName
ET_PTKC_GENERAL_LIBRARY_MODE=WLD