Home >

LunaCM Command Reference Guide > LunaCM Commands > hsm > hsm changehsmpolicy

hsm changehsmpolicy

Change HSM-level policies. This command changes the specified HSM Policy from the current value to the new, specified value, if the corresponding HSM capability setting permits the change.

Note:  The lunacm hsm commands appear only when the current slot selected in lunacm is for a locally-installed HSM, such as a Luna PCI-E. When lunacm is directed at a slot corresponding to a remote Luna SA, the hsm-level commands do not appear, since lunacm has a client-only connection to a remote HSM and therefore cannot log in as SO to a remote HSM. To access HSM commands on the Luna SA appliance, you must use the Luna Shell (lunash).

Syntax

hsm changeHSMPolicy - policy <policy_number> -value <new_policy_value> [-force]

Parameter Shortcut Description
-policy -p The number identifying the HSM policy that you want to change. Use the hsm show command to find the number of the policy you want to change.
-value -v The new setting to be applied to the indicated HSM policy. Use the hsm show command to find the current setting of the policy you want to change.
-force -f Force the change without further prompting.

Example

lunacm:> hsm changeHSMPolicy -policy 12 -value 1
 
You are about to implement a destructive policy change which will zeroize the HSM.
The User will be deleted and all data will be erased.
Are you sure you wish to continue?
 
Type 'proceed' to continue, or 'quit' to quit now -> proceed
 
Command Result : No Error