Send the client certificate (that you created on the previous page) to the HSM appliance, as follows.
The command is:
C:\Program Files\SafeNet\LunaClient\ > pscp cert\client\<clientCert>.pem admin@<serverhostname-or-IP>:
You are prompted for the HSM appliance admin password.
Example
c:\> cd \Program Files\SafeNet\LunaClient\cert\client
c:\ Program Files\SafeNet\LunaClient\cert\client> dir
myClient1Key.pem myClient1.pem
c:\ Program Files\SafeNet\LunaClient\> pscp “c:\Program Files\SafeNet\LunaClient\cert\client\myClient1.pem” admin@myLuna3:
You must scp to the admin account on the HSM appliance, or the client
certificate will not register correctly.
You might need to surround the entire filespec (path and filename) within quotation marks if Windows stumbles at the space between Program and Files.
To adjust the permissions for the directory c:\Program Files\SafeNet\LunaClient\, right-click that directory. In the resulting context menu, select Properties, and in the ensuing dialog select the "Security" tab. Choose the appropriate user or group and adjust as needed. Then repeat the commands in the steps above, which should now work as expected.
The appearance might vary slightly for different Windows versions. If the permissions change does not propagate to subdirectories, then you might need to repeat the process for the "cert" subdirectory and for the "client" and "server" subdirectories.
For networks without DNS, use the HSM appliance's IP address, instead of the hostname.
Example
c:\> cd \Program Files\SafeNet\LunaClient\cert\client
c:\ Program Files\SafeNet\LunaClient\cert\client> dir
<client-ip-address>Key.pem <client-ip-address>.pem
c:\ Program Files\SafeNet\LunaClient\> pscp “c:\Program Files\SafeNet\LunaClient\cert\client\<client-ip-address>.pem” admin@<appliance-ip-address>:
Note the “:” after the destination. This is required. Without the colon,
scp does not recognize the supplied destination as a remote server.
The file arriving at the HSM is automatically placed in the
appropriate directory. Do not specify a directory for destination.
Next, "Register the Client Certificate to an HSM Server", to continue the setup (we're nearly done at this point).