HSM: Error while opening connection to the HSM

Question

Receiving the CKR_GENERAL_ERROR when the application tries to open a connection to the H/W HSM.

The error in detail is:

50004-Crypto API could not be open.
Caused by: xxx.xxx.xxx.cryptoapi.CryptoApiSysException: Error opening session!!
Caused by: iaik.pkcs.pkcs11.wrapper.PKCS11Exception: CKR_GENERAL_ERROR
        at iaik.pkcs.pkcs11.wrapper.PKCS11Implementation.C_Initialize(Native Method) ~[pkcs11Wrapper-1.2.18.jar:1.2.18]
        at iaik.pkcs.pkcs11.Module.initialize(Module.java:307) ~[pkcs11Wrapper-1.2.18.jar:1.2.18]

Could anyone please tell what might be the reason for this error? The application works fine with the software HSM.

H/W HSM details:

• ProtectToolkit C Key management utility : 4.2.0 (even tried with 4.3.0)
• Manufacturer : Eracom
• Hardware version : 66.00
• Firmware version : 2.02

Answer 1

CKR_GENERAL_ERROR is the general error message thrown by most of the PKCS#11 complaint API. Since you have the error while connecting to the HSM hardware Please make sure you do the following things:

• You have successfully done the client (you app) to h/w hsm NTL configuration. Here's a link!
• Verify that you have a valid slot number and partition password (PIN) while opening the session and login to the hsm.

Also, you can check HSM logs (usually residing on your hsm client installation directory in your application) to know what is the exact cause for the problem. Here's You can refer to my previous response on finding luna safenet client logs!