To use the Authentication Suite Server SDK SEE machine signed by OneSpan you need to enable the optional secure execution engine (SEE) feature enabled to allow SEE machine upload on any HSM that will be used with the Authentication Suite Server SDK SEE machine:
SEE activation (CodeSafe 5) for nShield 5c and nShield 5s
This can be done using the nfast command line tool fet (Feature Enable Tool). This tool allows to enable the SEE activation feature either from an activation card (supplied by Entrust nShield) inserted in the slot of the corresponding HSM module, or from a file (supplied by Entrust nShield).
For more instructions to use the fet tool, refer to the Entrust nShield product documentation.
Once the SEE activation feature is enabled, you should verify with fet that all the HSMs have the respective SEE Activation feature enabled:
> fet
Feature Enable Tool
===================
payShield Activation
| ISO Smart Card Support
| | Remote Operator
| | | Korean Algorithms
| | | | SEE Activation (EU+10)
| | | | | SEE Activation (Restricted)
| | | | | | CodeSafe SSL
| | | | | | | Elliptic Curve algorithms
| | | | | | | | Elliptic Curve MQV
| | | | | | | | | Accelerated ECC
Mod Electronic | | | | | | | | | |
No. Serial Number
1 4563-7119-6374 -- NO NO NO NO YES NO NO NO NO NO
2 5673-112E-68AD -- NO NO NO NO NO YES NO NO NO NO
Reading card in slot 0 of module 1.
Non-FEM card found in module 1 slot 0.
Reading card in slot 0 of module 2.
Non-FEM card found in module 2 slot 0.
0. Exit Feature Enable Tool.
1. Read FEM certificate(s) from a smart card or cards.
2. Read FEM certificate from a file.
3. Read FEM certificate from keyboard.
4. Write table to file.
Enter option :