|
Home > |
|---|
This is the syntax of the pedServer command, which includes starting and stopping of the service, and an assortment of configuration options. Specify "pedserver" at the command line, plus one of the modes, plus any option applicable to that mode.
pedServer.exe –mode {start | stop | connect | disconnect | show | config }
-ip <ip address>
[-port <port number>]
[-force]
pedServer –appliance register
–name <unique name>
-certificate <Network HSM certificate file>
-ip <network-hsm-ip>
[-port <port number>]
Note: The -name parameter must be alphanumeric only: 0 through 9 or a through z or A through Z
No punctuation or special characters are permitted.
pedServer –appliance deregister
–name <unique name>
[-force]
pedServer –appliance list
pedServer –regenCert [-force]
Note: When registering, the default port 9697 is assumed. However in the special case where another application already uses port 9697, port forwarding in a router could remap a different incoming port number (that you provide in the -appliance register command) to 9697 when forwarded to the SafeNet Network HSM.
C:\Program Files\SafeNet\LunaClient>pedserver
Ped Server Version 1.0.5 (10005)
Error: You must specify a mode.
Usage: pedServer [mode] [options...]
Explanation of the modes:
To query if a Ped Server is currently running, and to get details about
the Ped Server, use this command:
pedServer -mode show [ options... ]
To shut down an existing Ped Server, use this command:
pedServer -mode stop [ options... ]
To start the Ped Server, use this command:
pedServer -mode start [ options... ]
To start the Ped Server, use this command:
pedServer -mode start [ options... ]
To show the existing configuration file settings, use this command:
pedServer -mode config -show
To restore the internal default configuration file settings, use this command:
pedServer -mode config -create [ options... ]
To modify the existing configuration file settings, use this command:
pedServer -mode config -set [ options... ]
To view a more detailed description of the Ped Server, use this command:
pedServer -mode desc
Explanation of the options:
Any options that are not specified on the command line will be read from
the config file. If the config file cannot be found, internal default settings
will be used. Invalid options do not generate an error and are ignored.
-mode <mode> -> Specifies the mode that the Ped Server will be
executed in. The supported modes are "start",
"stop", "connect", "disconnect", "show" and "config".
-configfile <filename> -> Specifies the config file to use. Applicable to all
modes.
-name <registered
appliance name> -> Specifies the config file to use. Applicable
to "connect" mode.
-eserverport <0 or 1> -> Specifies if the server port is on "localhost"
or listening on the external host name. Applicable
to "start" and "config set" modes.
-port <server port> -> Specifies the server port number. Applicable to
"start" and "config set" modes.
-eadmin <0 or 1> -> Specifies if the administration port is on
"localhost" or listening on the external host
name. Applicable to "start" and "config set" modes.
-admin <admin port number> -> Specifies the administration port number.
Applicable to "start", "stop", and "show" modes.
-force -> When used with "-start", specifies that any existing
Ped Server currently running should be shutdown and a new
Ped Server started. Applicable to "start" mode.
-set -> When used with "-config", specifies that the
configuration file should be updated with values
of the other supplied options. Applicable to "config"
-show -> When used with "-config", specifies that the
contents of the configuration file should be displayed.
Applicable to "config" mode.
-idletimeout<int> -> Specifies the idle connection timeout in seconds.
Applicable to "start" and "config set" modes.
-socketreadtimeout <int> -> Specifies the socket read timeout in seconds.
Applicable to "start", "stop", "show" and
"config set" modes.
-socketwritetimeout <int> -> Specifies the socket write timeout in seconds.
Applicable to "start", "stop", "show" and
"config set" modes.
-internalshutdowntimeout <int> -> Specifies the shutdown timeout in seconds for
internal services.
Applicable to "start", "stop" and "config set"
modes.
-bgprocessstartuptimeout <int> -> Specifies the startup timeout for the detached
process.
Applicable to "start", "stop" and "config set"
modes.
-bgprocessshutdowntimeout <int> -> Specifies the shutdown timeout for the detached
process.
Applicable to "start", "stop" and "config set"
modes.
-loginfo <0 or 1> -> Specifies if the logger should log "info" messages.
Applicable to all modes.
-logwarning <0 or 1> -> Specifies if the logger should log "warning" messages.
Applicable to all modes.
-logerror <0 or 1> -> Specifies if the logger should log "error" messages.
Applicable to all modes.
-logtrace <0 or 1> -> Specifies if the logger should log "trace" messages.
Applicable to all modes.
-logfilename <filename> -> Specifies the log file name.
Applicable to all modes.
-maxlogfilesize <size> -> Specifies the maximum log file size in KB
Applicable to all modes.
-pinginterval <int> -> Specifies the interval in seconds for ping commands.
Applicable to "start" and "config set" modes.
-pongtimeout <int> -> Specifies timeout in seconds for the ping response.
Applicable to "start" and "config set" modes
C:\Program Files\SafeNet\LunaClient>Commands you are likely to use most often are PedServer mode start, to launch the service, when working in Client/Server mode, and PedServer mode show, to display its current status.
C:\Program Files\Safenet\LunaClient>PedServer.exe mode start
Ped Server Version 1.0.5 (10005)
Failed to load configuration file. Using default settings.
Ped Server launched in startup mode.
Starting background process
Background process started
Ped Server Process created, exiting this process.
C:\Program Files\Safenet\LunaClient>
C:\Program Files\Safenet\LunaClient>PedServer.exe mode show
Ped Server Version 1.0.5 (10005)
Failed to load configuration file. Using default settings.
Ped Server launched in status mode.
Server Information:
Hostname: OTT1-202311
IP: 172.20.10.190
Firmware Version: 2.5.0-1
PedII Protocol Version: 1.0.1-0
Software Version: 1.0.5 (10005)
Ped2 Connection Status: Connected
Ped2 RPK Count 1
Ped2 RPK Serial Numbers (5b420100834a2301)
Client Information: Not Available
Operating Information:
Server Port: 1503
External Server Interface: Yes
Admin Port: 1502
External Admin Interface: No
Server Up Time: 8 (secs)
Server Idle Time: 8 (secs) (100%)
Idle Timeout Value: 1800 (secs)
Current Connection Time: 0 (secs)
Current Connection Idle Time: 0 (secs)
Current Connection Total Idle Time: 0 (secs) (100%)
Total Connection Time: 0 (secs)
Total Connection Idle Time: 0 (secs) (100%)
Show command passed.
C:\Program Files\Safenet\LunaClient>
PedServer is required to run on any computer that has a SafeNet Remote PED attached, and is providing PED services.
PedServer always works with an instance of PedClient.
PedClient could be running on a distant HSM host computer, or it could be running on the same computer that has the Remote PED attached and PedServer running. This would normally be the case where a SafeNet Remote Backup HSM or other HSM is also attached or embedded. In other words, the one computer could be carrying on both halves of the PedClient/PedServer conversation over two ports in its own memory.
PedServer can also run in peer-to-peer mode, where the server initiates the connection to the Client. This is needed when the Client (usually SafeNet Network HSM) is behind a firewall that forbids outgoing initiation of connections.
See "Remote Application Partition Backup and Restore Using the Backup HSM" on page 1 in the Administration Guide for more information.