clientconfig deploy
Creates a Network Trust Link between the client and a SafeNet Luna Network HSM appliance. This command creates a client Private Key and Certificate, and uses scp or pscp to transfer the client and server certificates to each other.
NOTE If scp or pscp is blocked by a firewall, this command will fail and the certificates must be transferred by other secure means and registered manually.
Syntax
clientconfig deploy -server <server_IP> -client <client_IP> -partition <partition_name> [-password <password>] [-user <username>] [-regen] [-verbose] [-force]
Argument(s) | Shortcut | Description |
---|---|---|
-client <client_IP> | -c | The client hostname or IP. |
-force | -f | Force the action without prompting for confirmation. |
-partition <partition_name> | -par | The name of the partition to be assigned to the client. This partition must be created in advance using LunaSH. |
-password <password> | -pw | The appliance administrator's password. If this option is not included, you will be prompted for the password. Passwords entered at the prompt are hidden. |
-regen | -rg | Including this option will regenerate and replace the client certificate. This may disrupt connections to other SafeNet Luna Network HSM servers. |
-server <server_IP> | -n | The server hostname or IP. |
-verbose | -v | Show more detailed logs during the procedure. |
-user <username> | -ur |
The appliance administrator's username. Default: admin |
Example
lunacm:> clientconfig deploy -server 192.20.11.78 -client 192.20.11.129 -partition par1 -password userpin2 -user admin Please wait while we set up the connection to the HSM. This may take several minutes... Last login: Wed Feb 22 10:06:59 2017 from 192.20.11.129 Luna SA 7.0.0 Command Line Shell - Copyright (c) 2001-2017 SafeNet, Inc. All rights reserved. Private Key created and written to: C:\Program Files\SafeNet\LunaClient\cert\client\192.20.11.129Key.pem Certificate created and written to: C:\Program Files\SafeNet\LunaClient\cert\client\192.20.11.129.pem New server 192.20.11.78 successfully added to server list. The following Luna SA Slots/Partitions were found: Slot Serial # Label ==== ================ ===== 0 1238700701510 par0 1 154438865312 Command Result : No Error