Client Configuration Requirements
Tip
Luna Cloud HSM Services provisioned through the Thales Data Protection on Demand marketplace user interfaces refer to a service client. Luna Cloud HSM Services provisioned through external marketplace user interfaces refer to a partition client. The documentation refers to these components as the client.
Please adhere to the following parameters when initializing your client partition. Failure to adhere to these parameters will result in an operation failure when executing the commands in lunacm.
Partition label
The partition label created during initialization must be 1-32 characters in length. If you specify a longer label, it will automatically be truncated to 32 characters. The following characters are allowed: abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789 !@#$%^&*()-_=+[]{}|/;:',.\<>`~.
Question marks (?) and double quotation marks (") are not allowed. Spaces are allowed; enclose the label in double quotation marks if it includes spaces.
Note
The SafeNet Luna Key Storage Provider (KSP) in the client package does not support partitions with a space character in the partition label. If you are completing an integration that requires the SafeNet KSP, do not include a space character in the partition label. If a space is required in the partition label, configure the KSP using the partition ID.
Domain string
The domain string must be 1-128 characters in length. The following characters are allowed: abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789 !@#$%^*-_=+[]{}/:',.~.
The following characters are problematic or invalid and must not be used in a domain string: "&;<>`|()
Spaces are allowed, as long as the leading character is not a space; to specify a domain string with spaces using the -domain option, enclose the string in double quotation marks.
Passwords and challenge secrets
In LunaCM, passwords and challenge secrets must be 7-255 characters in length. The following characters are allowed: abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789 !@#$%^&*()-_=+[]{}|/;:',.\<>`~.
Double quotation marks (") are problematic and should not be used in passwords. Spaces are allowed; to specify a password with spaces using the -password option, enclose the password in double quotation marks.
We recommend that you always use strong passwords when configuring HSMs and partitions, even if the passwords are temporary. A strong password has at least 16 random characters. Please see these guidelines from the National Institute of Standards and Technology (NIST).
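The length and character rules above can be checked locally before a value is passed to lunacm. The following is an added example, not part of the Thales documentation or client package; the names check, needs_quotes and RULES are hypothetical, and the character sets are copied from the allowed lists on this page.

```python
import string

ALNUM = string.ascii_letters + string.digits
# Allowed-character sets copied from the lists on this page.
LABEL_CHARS = set(ALNUM + " !@#$%^&*()-_=+[]{}|/;:',.\\<>`~")
DOMAIN_CHARS = set(ALNUM + " !@#$%^*-_=+[]{}/:',.~")
# kind -> (min length, max length, allowed characters)
RULES = {
    "label": (1, 32, LABEL_CHARS),
    "domain": (1, 128, DOMAIN_CHARS),
    "password": (7, 255, LABEL_CHARS),  # the page lists the same set as for labels
}


def check(kind, value, ksp=False):
    """Return a list of problems; an empty list means the value fits the page's rules.

    ksp=True also applies the SafeNet KSP restriction on spaces in labels.
    """
    lo, hi, allowed = RULES[kind]
    problems = []
    if len(value) < lo:
        problems.append(f"shorter than {lo} characters")
    if len(value) > hi:
        if kind == "label":
            # Over-long labels are not rejected; they are cut to 32 characters.
            problems.append(f"will be truncated to {value[:hi]!r}")
        else:
            problems.append(f"longer than {hi} characters")
    bad = sorted(set(value) - allowed)
    if bad:
        problems.append("disallowed characters: " + "".join(bad))
    if kind == "domain" and value.startswith(" "):
        problems.append("leading space")
    if kind == "label" and ksp and " " in value:
        problems.append("space in label not supported by SafeNet KSP")
    return problems


def needs_quotes(value):
    """Values containing spaces must be enclosed in double quotation marks."""
    return " " in value


if __name__ == "__main__":
    # Constructed sample inputs, not values from any real deployment.
    for kind, value in [("label", "payments hsm"), ("label", "what?"), ("domain", "a&b")]:
        print(kind, repr(value), check(kind, value) or "ok")
```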