The gateway continue to use the default internal key-store after the ssg restart , despite the configuration steps completed successful without errors .
The ssg log on startup says :
2019-08-15T15:28:14.600+0100 INFO 1 com.l7tech.server.security.keystore.SsgKeyStoreManagerImpl: ignoring keystore_file row with a format of hsm.Ncipher because this Gateway node is not configured to use an nCipher HSM
While the HSM status in the ssg menu says :
The gateway is now configured to use the HSM Thales module.
Component : API GTW
After adding some debug , the problem was caused by the instructions to use BouncyCastle as Jce provider to enable SSL for mysql server jdbc connections as documented in