Services
Luna Cloud HSM Services
Luna Cloud HSM Service Integrations
CipherTrust Key Management Services
- Key Broker for Salesforce
  - Adding a Key Broker for Salesforce Service
  - Managing a Key Broker for Salesforce Service
  - Setting a Rotation Policy
  - Migrating Key Broker for Salesforce to CipherTrust Data Security Platform as a Service
- Key Broker for Google Cloud EKM
  - Service Guide
  - Key Setup Guide
  - Key Use Guide
  - Frequently Asked Questions
  - Migrating Key Broker for Google Cloud EKM to CipherTrust Data Security Platform as a Service
- CipherTrust Data Security Platform as a Service
payShield Cloud Services
- payShield Cloud HSM Service
  - Service Overview
  - Prerequisites
  - Getting Started
    - payShield Cloud HSM Configuration/Subscription Options
    - How to Subscribe to the payShield Cloud HSM Service
  - Service Specifications
  - Connecting to the payShield Cloud HSM Service
    - Azure Connection Guide
      - Create Express Route connection
      - Create a Virtual Network
      - Create a Virtual Network Gateway
    - GCP Connection Guide
    - AWS Connectiontion Guide
  - Service Provisioning from DPoD Platform
    - Trial Tier Provisioning
    - Production Tier Provisioning
    - View Sevice Status
  - HSM Management using payShield Manager
    - Preparing for HSM Commission
      - Install Smart Card Reader Driver
      - Check Your Proxy Configuration
      - Additional Steps for the First Time Users
        
        Install the Extension Component
        
        Enable the Extension Component
        
        Install the Local Application Component
      - Configure the Smart Card Reader
    - Steps to Commission payShield Manager
      - Create a new Security Domain
      - Load / Install the Security Domain
      - Create Left and Right Remote Access Control key cards
    - Adding Another HSM to the Security Domain
    - Transitioning between HSM States via payShield Manager
    - Viewing Network Interfaces in payShield Manager
  - HSM Deprovisioning
  - APPENDIX A - Glossary
  - APPENDIX B - DPoD Errors
- Point-to-Point Encryption
  - Adding a Point-to-Point Encryption Service
  - Using the service
  - P2PE CLI
    - p2pe key
      - p2pe key generate
      - p2pe key list
      - p2pe key delete
      - p2pe key export
    - p2pe service
      - p2pe service init
      - p2pe service changePwd
    - p2pe tls
      - p2pe tls init
      - p2pe tls requestcertificate
      - p2pe tls selfsigncertificate
  - P2PE REST API
  - P2PE errors
  - Service Details
  - Frequently Asked Questions
Partner Services

p2pe tls selfsigncertificate

Command to create a new TLS Self-Signed certificate in PEM encoded format on existing TLS key pair.

On Windows operating systems execute the command from an Administrator Command Prompt. Right-click the Command Prompt and select Run as Administrator.

Linux

p2pe tls selfsigncertificate [flags]

Windows

p2pe.exe tls selfsigncertificate [flags]

Flags	Description
`[--client]`	Path to directory containing extracted service client. (Default `.`)
`[--days]`	Certificate validity period (default 365).
`--dns`	Comma separated DNS names as SubjectAltName(s).
`[--out]`	Output directory to write the TLS configuration and certificate files. (Default `.`) If omitted, PEM encoded CSR is dumped to stdout. Certificate options include PEM and DER.
`[--password]`	Password for the service.
`--subject`	Subject DN input in openssl style. Example: /CN=example/C=IN/
`--help`	Help for the command.

Linux Example

p2pe tls selfsigncertificate --days 180 --dns 0.0.0.0 --subject /CN=localhost/C=IN/ --password Welcome@123 --client ~/<path_to_p2pe_service_client>

Windows Example

p2pe.exe selfsigncertificate --days 180 --dns 0.0.0.0 --subject /CN=localhost/C=IN/ --password Welcome@123 --client ~/<path_to_p2pe_service_client>

p2pe tls selfsigncertificate

On this page

Suggest A Change