Use this topic to migrate your Key Storage Provider (KSP) from AWS CloudHSM Client SDK 3 to Client SDK 5. For benefits on migrating, see Benefits of AWS CloudHSM Client SDK 5.
In AWS CloudHSM, customer applications perform cryptographic operations using the AWS CloudHSM Client Software Development Kit (SDK). Client SDK 5 is the primary SDK that continues to have new features and platform support added to it.
To review migration instructions for all providers, see Migrating from AWS CloudHSM Client SDK 3 to Client SDK 5.
Migrate to Client SDK 5
Follow the instructions in this section to migrate from Client SDK 3 to Client SDK 5.
-
Uninstall the Client Daemon for Client SDK 3.
$Get-WmiObject -Class Win32_Product | Where-Object {$_.Name -eq "AWS CloudHSM Client"} | ForEach-Object {$_.Uninstall()} -
Install the Client SDK Key Storage Provider (KSP) by following the steps in Install the Key storage provider (KSP) for AWS CloudHSM Client SDK 5.
-
Client SDK 5 introduces a new configuration file format and command-line bootstrapping tool. To bootstrap your Client SDK 5 Key Storage Provider (KSP), follow the instructions listed in the user guide under Bootstrap the Client SDK.
-
Key Storage Provider (KSP) for AWS CloudHSM Client SDK 5 introduces a SDK3 compatibility mode option to support the usage of key file for SDK3. See SDK3 compatibility mode for Key Storage Provider (KSP) for AWS CloudHSM.
-
In your development environment, test your application. Make updates to your existing code to resolve your breaking changes before your final migration.
Related topics
