This chapter describes how to install the Sun Crypto Accelerator 1000 hardware and software. This chapter includes the following sections:

• Handling the Board
• Installing the Board
• Directories and Files

---

Handling the Board

Each board is packed in a special antistatic bag to protect it during shipping and storage. To avoid damaging the static-sensitive components on the board, reduce any static electricity on your body before touching the board by using one of the following methods:

• Touch the metal frame of the computer.
• Attach an antistatic wrist strap to your wrist and to a grounded metal surface.

Caution - To avoid damaging the sensitive components on the board, wear an antistatic wrist strap when handling the board, hold the board by its edges only, and always place the board on an antistatic surface (such as the plastic bag it came in).

---

Installing the Board

Installing the Sun Crypto Accelerator 1000 board involves inserting the board into the system and loading the software tools. The hardware installation instructions include only general steps for installing the board. Refer to the documentation that came with your system for specific installation instructions.

1. As superuser, follow the instructions that came with your system to shut down and power off the computer, disconnect the power cord, and remove the computer cover.

2. Locate an unused PCI slot (preferably a 64 bit, 66 MHz slot).

3. Attach an antistatic wrist strap to your wrist, and attach the other end to a grounded metal surface.

4. Using a Phillips-head screwdriver, remove the screw from the PCI slot cover.

Save the screw to hold the bracket in Step 5.

5. Holding the Sun Crypto Accelerator 1000 board by its edges only, take it out of the plastic bag and insert it into the PCI slot, and then secure the screw on the rear bracket.

6. Replace the computer cover, reconnect the power cord, and power on the system.

7. Verify that the board is properly installed by issuing the show-devs command at the ok prompt:

ok show-devs . . . /pci@1f,2000/pci108e,5455@1 /pci@1f,4000/pci108e,5455@5 . . .

The lines /pci@1f,2000/pci108e,5455@n show that the board is installed and recognized by the system. There will be one such line for each board in the system.

---

Installing the Sun Crypto Accelerator 1000 Software

The Sun Crypto Accelerator 1000 software is included on the Sun Crypto Accelerator 1000 CD. You may need to download patches from the SunSolve web site. See Required Patches for more information.

To Install the Software

1. Remove all Sun Crypto Accelerator 1000 version 1.0 software before installing version 1.1. Use the following command to remove all version 1.0 packages:

# pkgrm SUNWcrysl SUNWdcav SUNWdcar SUNWcrysu SUNWcrypu SUNWcrypr SUNWdcamn SUNWcrypm

2. Insert the Sun Crypto Accelerator 1000 CD into a CD-ROM drive that is connected to your system.

• If your system is running Sun Enterprise Volume Manager, it should automatically mount the CD-ROM to the /cdrom/cdrom0 directory.
• If your system is not running Sun Enterprise Volume Manager, mount the CD-ROM as follows:

# mount -F hsfs -o ro /dev/dsk/c0t6d0s2 /cdrom

You see the following files and directories in the /cdrom/cdrom0 directory.

TABLE 2-1 Files in the /cdrom/cdrom0 Directory

File or Directory	Contents
Copyright	U.S. copyright file
FR_Copyright	French copyright file
Docs	Sun Crypto Accelerator 1000 Board Version 1.1 Installation and User's Guide
Packages	Contains the Sun Crypto Accelerator 1000 software packages: SUNWcrypr Cryptography Kernel Components SUNWcrypu Cryptographic Administration Utility and Libraries SUNWcrysu SSL Support for Apache (optional) SUNWcrypm Cryptographic Administration Manual Pages SUNWdcar DCA Crypto Accelerator (Root) SUNWdcamn DCA Crypto Accelerator Manual Page SUNWdcav SunVTS Test of DCA Crypto Accelerator (optional) SUNWcrysl SSL Development Tools and Libraries (optional)

Install the SUNWcrysu package only if you plan to use Apache as your web server.

Install the SUNWcrysl package only if you plan to relink to another (unsupported) version of Apache Web Server.

Install the SUNWdcav package only if the you plan to perform the SunVTS tests. You must have SunVTS 4.4, 4.5, 4.6, or 5.0 installed to install the SUNWdcav package.

3. Install the software packages by typing:

# cd /cdrom/cdrom0/Packages # pkgadd -d .

4. To verify that the software is installed properly, run the pkginfo command.

# pkginfo SUNWcrypr SUNWcrypu SUNWcrysl SUNWcrysu SUNWcrypm SUNWdcar SUNWdcamn SUNWdcav system SUNWcrypr Cryptography Kernel Components system SUNWcrypu Cryptographic Administration Utility and Libraries system SUNWcrysl SSL Development Tools and Libraries system SUNWcrysu SSL Support for Apache system SUNWcrypm Cryptographic Administration Manual Pages system SUNWdcar DCA Crypto Accelerator (Root) system SUNWdcamn DCA Crypto Accelerator Manual Page system SUNWdcav SunVTS Test of DCA Crypto Accelerator

5. (Optional) To ensure that the driver attached, you can run the prtconf command. If multiple Sun Crypto Accelerator 1000 boards are installed, multiple lines are displayed as shown in the following example.

# prtconf pci108e,5455, instance #0 pci108e,5455, instance #1

6. (Optional) Run the modinfo command to see that modules are loaded.

However, until you have actually used the Sun Crypto Accelerator 1000 board to perform cryptographic operations, kcl and cryptio may not be loaded or appear.

# modinfo | grep Crypto 130 1033e946 6df0 79 1 cryptio (Cryptographic IOCTL v1.58) 131 1030240c 2d93 - 1 kcl (Cryptographic Library v1.64) 132 10313ac8 131e - 1 kcpi (Crypto Provider Interface v1.27) 135 103178be 8684 82 1 dca (PCI Crypto Accelerator v1.156)

---

Directories and Files

TABLE 2-2 shows the directories created by the default installation of the Sun Crypto Accelerator 1000 software.

TABLE 2-2 Sun Crypto Accelerator 1000 Directories

Directory	Contents
/etc/opt/SUNWconn/crypto/realms	Realm and user data
/opt/SUNWconn/crypto/bin	Application executables
/opt/SUNWconn/crypto/lib	Application libraries
/opt/SUNWconn/crypto/sbin	Statically linked executables

FIGURE 2-1 shows the hierarchy of these directories and files.

 

FIGURE 2-1 Sun Crypto Accelerator 1000 Directories and Files

[ D ]

---

Removing the Software

If you have created realms, you must delete the realms before removing the software. Refer to To Delete Realms. If you did not create realms, you can safely ignore this procedure. You cannot delete a realm that is currently in use. To free references to realms, you might have to shut down the web server and/or administration server.

---

Caution - Before removing the Sun Crypto Accelerator 1000 software you must disable any web servers you have enabled for use with the Sun Crypto Accelerator 1000 board. Failure to do so will leave those web servers nonfunctional.

---

To Remove the Software

As superuser, use the pkgrm command to remove only the software packages you installed.

---

Caution - Installed packages must be removed in the order shown. Failure to remove them in this order could result in dependency warnings and leave kernel modules loaded

---

If you installed all the packages, you would remove them as follows:

# pkgrm SUNWcrysl SUNWdcav SUNWdcar SUNWcrysu SUNWcrypu SUNWcrypr SUNWdcamn SUNWcrypm

---

Note - After installing or removing the SunVTS test (SUNWdcav) for the Sun Crypto Accelerator 1000 board, if SunVTS is already running it might be necessary to reprobe the system to update the available tests. See your SunVTS documentation for more information.

---

Sun Crypto Accelerator 1000 Board Version 1.1 Installation and User's Guide

816-2450-11

Copyright © 2002, Sun Microsystems, Inc. All rights reserved.