Home >

LunaCM Command Reference Guide > LunaCM Commands > partition > partition createchallenge

partition createchallenge

Create the legacy application partition's Crypto Officer challenge for a PED-authenticated Luna G5 HSM or Luna PCI-E HSM.

In the HSM's administrative partition, log in first, as the HSM SO.

Run the partition createchallenge command after you run the partition createuser command.

If HSM firmware is version 6.22.0 or newer, then a legacy application partition is separate from the HSM administrative partition. Run the partition createchallenge command from the HSM's administrative partition, specifying the slot number corresponding to the target application partition.

If HSM firmware is older than version 6.22.0, then a legacy application partition is not separate from the HSM administrative partition. Run the partition createchallenge command from the HSM's administrative partition, and do not specifying a slot.

Record the 16-character text string displayed by the PED, using a text editor to avoid transcription errors that sometimes occur with handwriting.

The equivalent of this command for a PPSO partition is the role createchallenge command, which is run within the application partition, and which is run by the partition SO.

Syntax

partition createChallenge -slot <number> [-defchallenge]

Parameter Shortcut Description
-slot -sl Slot where creating user challenge (for legacy partition)
-defchallenge -d Use Default Challenge Password .   [Optional] This is intended as a convenience when provisioning or integrating. The challenge must be changed before you can perform cryptographic operations.  

Example

lunacm:> partition createChallenge -slot 0
 
Please attend to the PED.
 
Command Result : No Error