|
Home > |
|---|
Export a partition's STC public key to a file.
This command is available only if the current slot is a PPSO partition.
Note: If the HSM is zeroized while STC is enabled, the STC link between LunaCM and the admin partition will no longer authenticate, since the admin partition identity no longer exists. If this occurs, you will be unable to log into, or initialize, the HSM. To recover from this state, run the stcconfig partitionidexport command without any parameters. When you run the command, a new identity is created for the admin partition, and the new admin partition public key is exported to the default directory. This will restore the STC link between LunaCM and the admin partition, allowing you to re-initialize the HSM. You can only run this command, while not logged into the HSM, if the HSM is zeroized.
stcconfig partitionidexport [-slot <slot_id>] [-file <file_path>]
| Parameter | Shortcut | Description |
|---|---|---|
| -file <file_path> | -f <file_path> |
Specifies the full path to the file to which you want to export the partition's STC public key. If you omit this parameter the key is exported by default to the following file: <luna_client_root>/identities/<partition_serial_number>.pem |
| -slot <slot_id> | -s <slot_id> |
Specifies the slot containing the partition whose STC public key you want to export. This parameter is available only if you are logged into the HSM's Admin partition. |
lunacm:> stcc pidex
Successfully exported the partition identity public key of slot 3 to
/usr/lunaclient/bin/identities/36928740.pem
lunacm:> stcc pidex -s 2
Successfully exported the partition identity public key of slot 2 to
/usr/lunaclient/bin/identities/30987740.pem