|
Home > |
|---|
The LunaCM utility (lunacm) is the client-side administrative command interface for Luna HSMs.
From a client/host computer, LunaCM can interact with, and perform operations on any, or all, of the following:
•internally installed Luna PCI-E 5.x HSMs (K6 HSM card)
•locally USB-connected Luna G5 HSMs
•remotely located Luna SA application partitions, made available by a NTLS or STC network link between the distant HSM appliance and partition(s) and the local client computer.
1.Open a Command Prompt or console window.
2.Go to the LunaClient software directory and start the LunaCM utility:
| Windows |
C:\> cd c:\Program Files\SafeNet\LunaClient C:\Program Files\SafeNet\LunaClient\> lunacm |
| Linux/AIX |
> cd /usr/safenet/lunaclient/bin > ./lunacm |
| Solaris/HP-UX |
> cd /opt/safenet/lunaclient/bin > ./lunacm |
Some preliminary status information is displayed, followed by the lunacm:> command-line prompt.
3.You can now issue any lunacm utility command to manage your Luna HSM. For a summary, type "help" and press [Enter].
Note: For Luna PCI-E and Luna G5, LunaCM is used to administer both the HSM as HSM SO, and the application partition, as HSM SO for HSMs with firmware older than 6.22.0, or as Partition SO for HSMs with firmware 6.22.0 and newer.
Note: For Luna SA, LunaCM is used to manage application partitions (assuming an NTLS or STC link between your LunaClient computer and the Luna SA appliance). LunaCM is not used to perform HSM-wide administration by the HSM SO on Luna SA - for that you must log into a Luna Shell (lunash) session via SSH.
LunaCM depends on the availability of HSM partitions in order to be useful. If no application partition has been created, then only the HSM SO (administrative) partition is available, against which to run commands.
If the Chrystoki.conf / Crystoki.ini configuration file [Presentation] setting "ShowAdminTokens=" is set to no, then the HSM administrative partition/slot is also unavailable, and LunaCM is not usable. If you know you have a working Luna PCI-E or Luna G5 HSM attached to your LunaClient computer and LunaCM shows no usable commands, then verify in your Chrystoki.conf or Crystoki.ini file that "ShowAdminTokens" is not set to no.