It's 10 PM - Do you know where your keys are ?

The SmartCard-HSM is a lightweight hardware security module in a Smart Card, MicroSD or USB
form factor providing a remotely manageable secure key store to protect your RSA and ECC keys.

SUPPORT

Firmware Update

Firmware updates for the SmartCard-HSM are available in the PKI-as-a-Service Portal.

The firmware can only be updated on an empty SmartCard-HSM. You need to remove all keys, certificates and data files first.

During the firmware update, the SmartCard-HSM receives a new device authentication certificate, so any previous registration at the PKI-as-a-Service portal will need to be renewed.

Recovering from a failed Firmware Update

Updating the firmware is a complex process and complex matters tend to go wrong.

The key issue with a failed update is, that you lose the ability to authenticate with that SmartCard-HSM at the portal. You can not just log-in again and retry the update.

If the update process is interrupted half way, then the system will create a recovery token that you can use to manually complete the firmware update. Please make sure you note down the recovery token before closing the browser window.

To perform a recovery, you will need to start the OCF daemon on the command line:

Locate the file ocf-cc.jar downloaded as part of the PKI-as-a-Service client.
Open a command shell and change into the directory containing the ocf-cc.jar.
If you have multiple card readers attached, then first list all readers with
```
java -jar ocf-cc.jar -l
```
Cut and paste the reader name and add it with
```
-r "Reader Name"
```
in the following command.

Complete the update with

java -jar ocf-cc.jar https://www.pki-as-a-service.net/rt/paas?TOKEN

replace "TOKEN" with the recovery token.