diff --git a/get-server/pom.xml b/get-server/pom.xml
index dd63a29..4867158 100644
--- a/get-server/pom.xml
+++ b/get-server/pom.xml
@@ -185,7 +185,7 @@
 		<dependency>
 			<groupId>ee.cyber.cdoc2</groupId>
 			<artifactId>cdoc2-lib</artifactId>
-			<version>2.0.1-SNAPSHOT</version>
+			<version>2.0.0</version>
 			<scope>test</scope>
 		</dependency>
 
@@ -264,8 +264,8 @@
 		<dependency>
 			<groupId>ee.cyber.cdoc2</groupId>
 			<artifactId>cdoc2-lib</artifactId>
-<!--			for successful pkcs11 tests version must be at least 1.5.0-SNAPSHOT-->
-			<version>2.0.1-SNAPSHOT</version>
+<!--			for successful pkcs11 tests version must be at least 2.0.1-SNAPSHOT-->
+			<version>2.0.0</version>
 			<type>test-jar</type>
 			<scope>test</scope>
 		</dependency>
diff --git a/get-server/src/test/java/ee/cyber/cdoc2/server/GetKeyCapsuleApiTests.java b/get-server/src/test/java/ee/cyber/cdoc2/server/GetKeyCapsuleApiTests.java
index 07e2c0c..34703cf 100644
--- a/get-server/src/test/java/ee/cyber/cdoc2/server/GetKeyCapsuleApiTests.java
+++ b/get-server/src/test/java/ee/cyber/cdoc2/server/GetKeyCapsuleApiTests.java
@@ -56,7 +56,7 @@
 class GetKeyCapsuleApiTests extends KeyCapsuleIntegrationTest {
 
     // read hardware PKCS11 device conf from a properties file
-    private Pkcs11DeviceConfiguration pkcs11Conf = new Pkcs11DeviceConfiguration();
+    private Pkcs11DeviceConfiguration pkcs11Conf = Pkcs11DeviceConfiguration.load();
 
     // rest client with client auth using keystore rsa/client-rsa-2048.p12
     @Qualifier("trustAllWithClientAuth")
@@ -202,14 +202,14 @@ void testKeyServerPropertiesClientPKCS11(boolean interactive) throws Exception {
         prop += "cdoc2.client.ssl.trust-store.type=JKS\n";
         prop += "cdoc2.client.ssl.trust-store=" + TestData.getKeysDirectory().resolve("clienttruststore.jks") + "\n";
         prop += "cdoc2.client.ssl.trust-store-password=passwd\n";
-        prop += "pkcs11-library=" + pkcs11Conf.getPkcs11Library() + "\n";
+        prop += "pkcs11-library=" + pkcs11Conf.pkcs11Library() + "\n";
 
         prop += "cdoc2.client.ssl.client-store.type=PKCS11\n";
 
         if (interactive) {
             prop += "cdoc2.client.ssl.client-store-password.prompt=PIN1\n";
         } else {
-            prop += "cdoc2.client.ssl.client-store-password=" + new String(pkcs11Conf.getPin()) + "\n";
+            prop += "cdoc2.client.ssl.client-store-password=" + new String(pkcs11Conf.pin()) + "\n";
         }
 
         Properties p = new Properties();
@@ -223,7 +223,7 @@ void testKeyServerPropertiesClientPKCS11(boolean interactive) throws Exception {
         // Storing clientKeyStore in KeyServerPropertiesClient is a bit of hack for tests.
         // It's required to get recipient pub key
         // normally recipient certificate would come from LDAP, but for test-id card certs are not in LDAP
-        X509Certificate cert  = (X509Certificate) client.getClientCertificate(pkcs11Conf.getKeyAlias());
+        X509Certificate cert  = (X509Certificate) client.getClientCertificate(pkcs11Conf.keyAlias());
         assertNotNull(cert);
         // Client public key TLS encoded binary base64 encoded
         PublicKey recipientPubKey = cert.getPublicKey();
@@ -264,7 +264,7 @@ void testKeyServerPropertiesClientPKCS11(boolean interactive) throws Exception {
     void testPKCS11Client() throws Exception {
 
         //PIN1 for 37101010021 test id-kaart
-        var protectionParameter = new KeyStore.PasswordProtection(pkcs11Conf.getPin());
+        var protectionParameter = new KeyStore.PasswordProtection(pkcs11Conf.pin());
 
         //Or ask pin interactively
         @SuppressWarnings("java:S125")
@@ -274,8 +274,8 @@ void testPKCS11Client() throws Exception {
         KeyStore trustKeyStore = null;
         try {
             clientKeyStore = Pkcs11Tools.initPKCS11KeysStore(
-                pkcs11Conf.getPkcs11Library(),
-                pkcs11Conf.getSlot(),
+                pkcs11Conf.pkcs11Library(),
+                pkcs11Conf.slot(),
                 protectionParameter
             );
 
@@ -292,7 +292,7 @@ void testPKCS11Client() throws Exception {
         log.debug("aliases: {}", Collections.list(clientKeyStore.aliases()));
 
 
-        X509Certificate cert  = (X509Certificate) clientKeyStore.getCertificate(pkcs11Conf.getKeyAlias());
+        X509Certificate cert  = (X509Certificate) clientKeyStore.getCertificate(pkcs11Conf.keyAlias());
         log.debug("Certificate issuer is {}.  This must be in server truststore "
             + "or SSL handshake will fail with cryptic error", cert.getIssuerDN());
 
diff --git a/put-server/pom.xml b/put-server/pom.xml
index 813c7fc..a301b82 100644
--- a/put-server/pom.xml
+++ b/put-server/pom.xml
@@ -194,15 +194,15 @@
 		<dependency>
 			<groupId>ee.cyber.cdoc2</groupId>
 			<artifactId>cdoc2-lib</artifactId>
-			<version>2.0.1-SNAPSHOT</version>
+			<version>2.0.0</version>
 			<scope>test</scope>
 		</dependency>
 
 		<dependency>
 			<groupId>ee.cyber.cdoc2</groupId>
 			<artifactId>cdoc2-lib</artifactId>
-<!--			for successful pkcs11 tests version must be at least 1.5.0-SNAPSHOT-->
-			<version>2.0.1-SNAPSHOT</version>
+<!--			for successful pkcs11 tests version must be at least 2.0.1-SNAPSHOT-->
+			<version>2.0.0</version>
 			<!-- cdoc2-lib src/test compiled classes-->
 			<type>test-jar</type>
 			<scope>test</scope>
diff --git a/put-server/src/test/java/ee/cyber/cdoc2/server/CreateKeyCapsuleIntegrationTest.java b/put-server/src/test/java/ee/cyber/cdoc2/server/CreateKeyCapsuleIntegrationTest.java
index 2dd9525..9e2307b 100644
--- a/put-server/src/test/java/ee/cyber/cdoc2/server/CreateKeyCapsuleIntegrationTest.java
+++ b/put-server/src/test/java/ee/cyber/cdoc2/server/CreateKeyCapsuleIntegrationTest.java
@@ -56,7 +56,7 @@
 class CreateKeyCapsuleIntegrationTest extends KeyCapsuleIntegrationTest {
 
     // read hardware PKCS11 device conf from a properties file
-    private Pkcs11DeviceConfiguration pkcs11Conf = new Pkcs11DeviceConfiguration();
+    private Pkcs11DeviceConfiguration pkcs11Conf = Pkcs11DeviceConfiguration.load();
 
     @Qualifier("trustAllNoClientAuth")
     @Autowired
@@ -203,7 +203,7 @@ void testKeyServerPropertiesClientPKCS11(boolean interactive) throws Exception {
 
         // Storing clientKeyStore in KeyCapsulesClientImpl is a bit of hack for tests.
         // normally recipient certificate would come from LDAP, but for test-id card certs are not in LDAP
-        X509Certificate cert  = (X509Certificate) client.getClientCertificate(pkcs11Conf.getKeyAlias());
+        X509Certificate cert  = (X509Certificate) client.getClientCertificate(pkcs11Conf.keyAlias());
         assertNotNull(cert);
 
         // Client public key TLS encoded binary base64 encoded
@@ -248,13 +248,13 @@ private String getProperties(boolean interactive) {
         prop += "cdoc2.client.ssl.trust-store.type=JKS\n";
         prop += "cdoc2.client.ssl.trust-store=" + TestData.getKeysDirectory().resolve("clienttruststore.jks") + "\n";
         prop += "cdoc2.client.ssl.trust-store-password=passwd\n";
-        prop += "pkcs11-library=" + pkcs11Conf.getPkcs11Library() + "\n";
+        prop += "pkcs11-library=" + pkcs11Conf.pkcs11Library() + "\n";
 
         prop += "cdoc2.client.ssl.client-store.type=PKCS11\n";
         if (interactive) {
             prop += "cdoc2.client.ssl.client-store-password.prompt=PIN1\n";
         } else {
-            prop += "cdoc2.client.ssl.client-store-password=" + Arrays.toString(pkcs11Conf.getPin()) + "\n";
+            prop += "cdoc2.client.ssl.client-store-password=" + Arrays.toString(pkcs11Conf.pin()) + "\n";
         }
         return prop;
     }
@@ -263,15 +263,15 @@ private String getProperties(boolean interactive) {
     @Tag("pkcs11")
     void testPKCS11Client() throws Exception {
         //PIN from conf file
-        var protectionParameter = new KeyStore.PasswordProtection(pkcs11Conf.getPin());
+        var protectionParameter = new KeyStore.PasswordProtection(pkcs11Conf.pin());
 
         KeyStore clientKeyStore = null;
         KeyStore trustKeyStore = null;
-        String pkcs11Library = pkcs11Conf.getPkcs11Library();
+        String pkcs11Library = pkcs11Conf.pkcs11Library();
         log.info("Oleska: library in testPKCS11Client() in integration test: " + pkcs11Library);
         try {
             clientKeyStore = Pkcs11Tools.initPKCS11KeysStore(
-                pkcs11Conf.getPkcs11Library(), pkcs11Conf.getSlot(), protectionParameter
+                pkcs11Conf.pkcs11Library(), pkcs11Conf.slot(), protectionParameter
             );
 
             trustKeyStore = KeyStore.getInstance("JKS");
@@ -285,7 +285,7 @@ void testPKCS11Client() throws Exception {
         assert clientKeyStore != null;
         log.debug("aliases: {}", Collections.list(clientKeyStore.aliases()));
 
-        X509Certificate cert  = (X509Certificate) clientKeyStore.getCertificate(pkcs11Conf.getKeyAlias());
+        X509Certificate cert  = (X509Certificate) clientKeyStore.getCertificate(pkcs11Conf.keyAlias());
         log.debug("Certificate issuer is {}.  This must be in server truststore "
                 + "or SSL handshake will fail with cryptic error", cert.getIssuerX500Principal());