Your suggested change has been received. Thank you.

close

Suggest A Change

https://thales.na.market.dpondemand.io/docs/dpod/services/kmo….

back

Luna Cloud HSM Clients

Secure Luna Client UserIDs

search

Secure Luna Client UserIDs

Secure Luna Client UserIDs

Client UserIDs (AuthTokenClientId, AuthTokenClientSecret, and AuthTokenConfigURI) are stored in plaintext in the downloaded .zip file by default. You can secure your Client UserID by setting it as a system variable.

To Secure your Client UserID
  1. Delete the cvclient-min.tar (Linux) or cvclient-min.zip (Windows) file from the zip package.

  2. Copy the AuthTokenClientId, AuthTokenClientSecret, and AuthTokenConfigURI from the crystoki.ini file (Windows) or the crystoki.conf file (Linux) and deploy as environment variables using the setx command (Windows) or the export command (Linux).

    Example (Windows):

    
    setx AuthTokenClientId *** /m 
    setx AuthtokenClientSecret *** /m
    setx AuthTokenConfigURI ** /m
    

    Example (Linux):

    
    export AuthTokenClientId ****
    export AuthTokenClientSecret **
    export AuthTokenConfigURI **
    

    Note

    The /m command specifies that the variable should be set in the system-wide environment (HKEY_LOCAL_MACHINE) instead of the default HKEY_CURRENT_USER environment.

  3. Delete the AuthTokenClientId and AuthTokenClientSecret entries from the [REST] section of the chrystoki.ini file (Windows) or the chrystoki.conf file (Linux).