|
Home > |
|---|
List the available slots on the system. If your host computer contains, or is connected to, only a single SafeNet HSM with firmware older than version 6.22.0, then a slot list has just one entry. If your single HSM has firmware 6.22.0 or newer, then the HSM administrative partition and any application partition are distinct and appear individually in a lunacm slot list, so at least two slots. Similarly, if you have several local SafeNet HSMs installed or connected, or if you have SafeNet Network HSM application partitions Ethernet-connected via NTLS or STC links, then you can have multiple slots represented in a lunacm slot list.
LunaCM depends on the availability of HSM partitions in order to be useful. If no application partition has been created, then only the HSM SO (administrative) partition is available, against which to run commands.
If the Chrystoki.conf / Crystoki.ini configuration file [Presentation] setting "ShowAdminTokens=" is set to no, then the HSM administrative partition/slot is also unavailable, and LunaCM is not usable. If you know you have a working SafeNet PCI-E HSM or SafeNet USB HSM attached to your Client computer and LunaCM shows no usable commands, then verify in your Chrystoki.conf or Crystoki.ini file that "ShowAdminTokens" is not set to no.
Note: The lunacm command hagroup haonly acts on your client applications, either allowing (default or hagroup haonly -disable) or disallowing (hagroup haonly -enable) the application to see individual HSM partition slots or just the HA group virtual slot, respectively. The command has no effect on administrative tools like lunacm, where a "slot list" returns all slots, both actual and virtual, regardless of the status of hagroup haonly.
slot list
lunacm:> slot list
Slot Id -> 1
Tunnel Slot Id -> 2
Label -> mypci-e
Serial Number -> 150022
Model -> K6 Base
Firmware Version -> 6.22.0
Configuration -> Luna HSM Admin Partition Signing With Cloning Mode
Slot Description -> Admin Token Slot
HSM Configuration -> Luna HSM Admin Partition (PED)
HSM Status -> OK
Slot Id -> 3
Label -> SafeG5
Serial Number -> 7001812
Model -> G5Base
Firmware Version -> 6.22.0
Configuration -> Luna HSM Admin Partition Signing With Cloning Mode
Slot Description -> Admin Token Slot
HSM Configuration -> Luna HSM Admin Partition (PED)
HSM Status -> OK
Slot Id -> 4
HSM Label -> myG5pw
HSM Serial Number -> 7001312
HSM Model -> G5Base
HSM Firmware Version -> 6.10.4
HSM Configuration -> SafeNet USB HSM (PW) Signing With Cloning Mode
HSM Status -> OK
Slot Id -> 4
Label -> myRBSG5Bk
Serial Number -> 7000329
Model -> G5Backup
Firmware Version -> 6.22.0
Configuration -> Luna HSM Admin Partition (PW) Backup Mode
Slot Description -> Net Admin Token Slot
HSM Configuration -> Luna HSM Admin Partition (PW) Backup Device
HSM Status -> OKCurrent Slot ID: 3
Command Result : No Error
Note: Each HSM administrative partition in a slot list includes "HSM Status". The possible values are listed, along with expanded descriptions and possible responses, at HSM Status Values in the Administration Guide.