本文属于机器翻译版本。若本译文内容与英语原文存在差异，则一律以英文原文为准。

# 安装和配置适用于 CMU (Linux) 的 AWS CloudHSM 客户端
<a name="cmu-install-and-configure-client-linux"></a>

要使用 cloudhsm\$1mgmt\$1util (CMU) 与 AWS CloudHSM 集群中的硬件安全模块 (HSM) 进行交互，你需要适用于 Linux 的客户端软件。 AWS CloudHSM 您应在之前创建的 Linux Amazon EC2 客户端实例上安装它。如果您使用的是 Windows，也可以安装客户端。有关更多信息，请参阅 [为 CMU 安装和配置 AWS CloudHSM 客户端 (Windows)](cmu-install-and-configure-client-win.md)。

**Topics**
+ [

## 步骤 1：安装 AWS CloudHSM 客户端和命令行工具
](#cmu-install-client)
+ [

## 步骤 2：编辑客户端配置
](#cmu-edit-client-configuration)

## 步骤 1：安装 AWS CloudHSM 客户端和命令行工具
<a name="cmu-install-client"></a>

连接到您的客户端实例并运行以下命令来下载和安装 AWS CloudHSM 客户端和命令行工具。

------
#### [ Amazon Linux ]

```
wget https://s3.amazonaws.com/cloudhsmv2-software/CloudHsmClient/EL6/cloudhsm-client-latest.el6.x86_64.rpm
```

```
sudo yum install ./cloudhsm-client-latest.el6.x86_64.rpm
```

------
#### [ Amazon Linux 2 ]

```
wget https://s3.amazonaws.com/cloudhsmv2-software/CloudHsmClient/EL7/cloudhsm-client-latest.el7.x86_64.rpm
```

```
sudo yum install ./cloudhsm-client-latest.el7.x86_64.rpm
```

------
#### [ CentOS 7 ]

```
sudo yum install wget
```

```
wget https://s3.amazonaws.com/cloudhsmv2-software/CloudHsmClient/EL7/cloudhsm-client-latest.el7.x86_64.rpm
```

```
sudo yum install ./cloudhsm-client-latest.el7.x86_64.rpm
```

------
#### [ CentOS 8 ]

```
sudo yum install wget
```

```
wget https://s3.amazonaws.com/cloudhsmv2-software/CloudHsmClient/EL8/cloudhsm-client-latest.el8.x86_64.rpm
```

```
sudo yum install ./cloudhsm-client-latest.el8.x86_64.rpm
```

------
#### [ RHEL 7 ]

```
sudo yum install wget
```

```
wget https://s3.amazonaws.com/cloudhsmv2-software/CloudHsmClient/EL7/cloudhsm-client-latest.el7.x86_64.rpm
```

```
sudo yum install ./cloudhsm-client-latest.el7.x86_64.rpm
```

------
#### [ RHEL 8 ]

```
sudo yum install wget
```

```
wget https://s3.amazonaws.com/cloudhsmv2-software/CloudHsmClient/EL8/cloudhsm-client-latest.el8.x86_64.rpm
```

```
sudo yum install ./cloudhsm-client-latest.el8.x86_64.rpm
```

------
#### [ Ubuntu 16.04 LTS ]

```
wget https://s3.amazonaws.com/cloudhsmv2-software/CloudHsmClient/Xenial/cloudhsm-client_latest_amd64.deb
```

```
sudo apt install ./cloudhsm-client_latest_amd64.deb
```

------
#### [ Ubuntu 18.04 LTS ]

```
wget https://s3.amazonaws.com/cloudhsmv2-software/CloudHsmClient/Bionic/cloudhsm-client_latest_u18.04_amd64.deb
```

```
sudo apt install ./cloudhsm-client_latest_u18.04_amd64.deb
```

------

## 步骤 2：编辑客户端配置
<a name="cmu-edit-client-configuration"></a>

必须先编辑 AWS CloudHSM 客户端配置，然后才能使用客户端连接到集群。

**编辑客户端配置**

1. 如果在 cloudhsm\$1mgmt\$1util 上安装客户端软件开发工具包 3，请完成以下步骤以确保集群中的所有节点都已同步。

   1. 运行 **configure -a *<IP of one of the HSMs>***。

   1. 重新启动客户端服务。

   1. 运行 **configure -m**。

1. 将您的颁发证书 — [ 用于签署集群证书的证书](initialize-cluster.md#sign-csr) — 复制到客户端实例上的以下位置：`/opt/cloudhsm/etc/customerCA.crt`。您需要在客户端实例上具有实例根用户权限才能将您的证书复制到该位置。

1. [使用以下 configure 命令更新 AWS CloudHSM 客户端和命令行工具的配置文件，指定集群中 HSM 的 IP 地址。](configure-tool.md)要获取 HSM 的 IP 地址，请在[AWS CloudHSM 控制台](https://console.aws.amazon.com/cloudhsm/)中查看您的集群，或者运行**[describe-clusters](https://docs.aws.amazon.com/cli/latest/reference/cloudhsmv2/describe-clusters.html)** AWS CLI 命令。在命令输出中，HSM 的 IP 地址为 `EniIp` 字段的值。如果您有多个 HSM，请为其中任何一个 HSM 选择 IP 地址 HSMs；无论哪一个 HSM 都没关系。

   ```
   sudo /opt/cloudhsm/bin/configure -a <IP address>
   	
   Updating server config in /opt/cloudhsm/etc/cloudhsm_client.cfg
   Updating server config in /opt/cloudhsm/etc/cloudhsm_mgmt_util.cfg
   ```

1. 转到 [在中激活集群 AWS CloudHSM](activate-cluster.md)。