Your suggested change has been received. Thank you.


Suggest A Change….


Luna Cloud HSM Clients

Secure Luna Client UserIDs


Secure Luna Client UserIDs

Secure Luna Client UserIDs

Client UserIDs (AuthTokenClientId, AuthTokenClientSecret, and AuthTokenConfigURI) are stored in plaintext in the downloaded .zip file by default. You can secure your Client UserID by setting it as a system variable.

To Secure your Client UserID
  1. Delete the cvclient-min.tar (Linux) or (Windows) file from the zip package.

  2. Copy the AuthTokenClientId, AuthTokenClientSecret, and AuthTokenConfigURI from the crystoki.ini file (Windows) or the crystoki.conf file (Linux) and deploy as environment variables using the setx command (Windows) or the export command (Linux).

    Example (Windows):

    setx AuthTokenClientId *** /m 
    setx AuthtokenClientSecret *** /m
    setx AuthTokenConfigURI ** /m

    Example (Linux):

    export AuthTokenClientId ****
    export AuthTokenClientSecret **
    export AuthTokenConfigURI **


    The /m command specifies that the variable should be set in the system-wide environment (HKEY_LOCAL_MACHINE) instead of the default HKEY_CURRENT_USER environment.

  3. Delete the AuthTokenClientId and AuthTokenClientSecret entries from the [REST] section of the chrystoki.ini file (Windows) or the chrystoki.conf file (Linux).