Forge Home


puppet module to install and configure SoftHSM


5,277 latest version

5.0 quality score

Version information

  • 1.1.1 (latest)
  • 1.1.0
  • 1.0.0
  • 0.3.1
  • 0.3.0
  • 0.2.0
  • 0.1.0
released Jul 5th 2018
This version is compatible with:
  • Puppet Enterprise 2018.1.x, 2017.3.x, 2017.2.x, 2017.1.x, 2016.5.x, 2016.4.x
  • Puppet >= 4.7.0 < 6.0.0
  • , ,

Start using this module

  • r10k or Code Manager
  • Bolt
  • Manual installation
  • Direct download

Add this module to your Puppetfile:

mod 'icann-softhsm', '1.1.1'
Learn more about managing modules with a Puppetfile

Add this module to your Bolt project:

bolt module add icann-softhsm
Learn more about using this module with an existing project

Manually install this module globally with Puppet module tool:

puppet module install icann-softhsm --version 1.1.1

Direct download is not typically how you would use a Puppet module to manage your infrastructure, but you may want to download the module in order to inspect the code.



icann/softhsm — version 1.1.1 Jul 5th 2018

Build Status Puppet Forge Puppet Forge Downloads


Table of Contents

  1. Overview
  2. Setup - The basics of getting started with dns
  3. Reference - An under-the-hood peek at what the module is doing and how
  4. Limitations - OS compatibility, etc.
  5. Development - Guide for contributing to the module


Install SoftHSM and manage security tokens

Module Description


What SoftHSM affects

  • installs and manages softhsm2

Setup Requirements

  • puppetlabs-stdlib 4.17.0
  • icann-tea 0.2.12

Beginning with SoftHSM

install either package with no token

class { '::softhsm': }


Add a new token

softhsm::token { 'test'
  pin    => '1111',
  so_pin => '1111',

you can also pass tokens directly to the class

class {'::softhsm':
  tokens => {
    'test' => {
      'pin'    => '1111',
      'so_pin' => '1111',

Or via hiera

    pin: 1111
    so_pin: 1111



Public Classes

Class: softhsm

  • package (String, Default: 'softhsm2'): The SoftHSM package to install
  • conf_file (Stdlib::Absolutepath, Default: '/etc/softhsm/softhsm2.conf'): the location of the lof file
  • tokendir (Stdlib::Absolutepath, Default: '/var/lib/softhsm/tokens/'): the location of the tokens directory
  • objectstore_backend (Enum['file','db'], Default: 'file'): how to stor objects
  • log_level (Tea::Syslog_level, Default: 'info'): Syslog level to use
  • tokens (Hash[String, Softhsm::Token], Default: {}): tokens to configure
  • $user (String, Default: 'root'): owner of the token directory and its sub-directories
  • $group (String, Default: 'root'): group owner of the token directory and its sub-directories

Public Types

Type softhsm::token

  • pin (Pattern[/\d{4,255}/]): user pin to configure
  • so_pin (Pattern[/\d{4,255}/]): security office pin to configure


This module has been tested on:

  • Ubuntu 12.04, 14.04
  • FreeBSD 10


Pull requests welcome but please also update documentation and tests.