hagroup creategroup

Create an HA group. Use the -slot or -serialnumber options to specify the primary member for the group. All password-authenticated HA group members must have the same password. All PED-authenticated HA group members must have a challenge created, and activation turned on, and all challenges must be the same. See Activation and Auto-activation on Multi-factor- (PED-) Authenticated Partitions for more information. By default, you cannot create a group using an HSM on Demand service as the primary member; it must be added to an existing group.

Syntax

hagroup creategroup {-serialnumber <serialnum> | -slot <slotnumber>} -label <label> -password <password>

Argument(s) Shortcut Description
-serialnumber <serialnum> -se Serial number of the partition selected to be the primary member of the HA group.
-slot <slotnumber> -sl Slot number of the partition selected to be the primary member of the HA group.
-label <label> -l Label for the HA group being created.
-password <password> -p Crypto Officer password or challenge secret for the primary partition. This password must be the same for all HA group member partitions.

Example

lunacm:> hagroup creategroup -serialnumber 154438865288 -label myHAgroup

        Enter the password: ********

Warning:  There are objects currently on the new member.
          Do you wish to propagate these objects within the HA
          group, or remove them?

          Type 'copy' to keep and propagate the existing
          objects, 'remove' to remove them before continuing,
          or 'quit' to stop adding this new group member.
          >  copy


        New group with label "myHAgroup" created with group number 1154438865288.
        Group configuration is:

         HA Group Label:  myHAgroup
        HA Group Number:  1154438865288
       HA Group Slot ID:  Not Available
        Synchronization: enabled
          Group Members:  154438865288
             Needs sync:  no
        Standby Members:  <none>

Slot #    Member S/N                      Member Label    Status
======    ==========                      ============    ======
     0  154438865288                            sa78-2     alive


Command Result : No Error



LunaCM v7.0.0. Copyright (c) 2006-2017 SafeNet.

        Available HSMs:

        Slot Id ->              0
        Label ->                sa78-2
        Serial Number ->        154438865288
        Model ->                LunaSA 7.0.0
        Firmware Version ->     7.0.1
        Configuration ->        Luna User Partition With SO (PW) Signing With Cloning Mode
        Slot Description ->     Net Token Slot

        Slot Id ->              1
        Label ->                sa40-2
        Serial Number ->        1238700701515
        Model ->                LunaSA 7.0.0
        Firmware Version ->     7.0.1
        Configuration ->        Luna User Partition With SO (PW) Signing With Cloning Mode
        Slot Description ->     Net Token Slot

        Slot Id ->              5
        HSM Label ->            myHAgroup
        HSM Serial Number ->    1154438865288
        HSM Model ->            LunaVirtual
        HSM Firmware Version -> 7.0.1
        HSM Configuration ->    Luna Virtual HSM (PW) Signing With Cloning Mode
        HSM Status ->           N/A - HA Group



        Current Slot Id: 0